Lead / Cybersecurity (Threat Detection & Response Analyst) Engineer
Job Title: Lead / Cybersecurity (Threat Detection & Response Analyst) Engineer Remote • Conduct real-time analysis using the SIEM, Cloud, Endpoint and Network based technologies, and other security analytics tools with a focus on identifying security events and false positives. • Correlate intelligence, to develop deeper understandings of tracked threat activity. • Apply basic threat hunting techniques to pivot for given information to known attack patterns, malicious code families, tracked threat groups and other historical information. • Pivot through open-source and internal frameworks for related data associated with potentially malicious Indicators of Compromise (IoCs) and Indicators of Attack (IoAs). • Triage potentially malicious binaries and/or other types of malware, including familiarity with basic to intermediate static/dynamic analysis techniques. • Prepare and report risk analysis and threat findings to appropriate stakeholders. • Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation. • Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise. • Script basic tasks with high-level scripting languages, such as Python or PowerShell. • Threat Detection & Response Playbook Development, Standard Operating Procedures, Amtrak ITSM Cyber Incident Management and Handling Playbook Development, Non-Cyber & Physical Incident Playbook Development Apply tot his job