Job Description

Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed
Duration of the Contract: 12 months


Possibility for Extension: Yes
Work Location: Fully Remote
Candidate Location: No SC residency required. Open to nationwide candidates.

Daily Duties / Responsibilities:

PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID AND OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).

• Review and tune current detection rules within the State SIEM.
• Perform Gap analysis of the current detection coverage.
• Develop detection rules/solutions to cover found Gaps.
• monitor threat intelligence sources for new use cases.
• Work with State SOC analysts to create and tune rules.
• Work with the State Threat Hunter to identify and remediate detection coverage gaps.
• Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.
• Coordinate with engineering, SOC, and agency staff as needed to meet goals.
• Other duties as needed.

Preferred Skills (rank in order of Importance):

• Experience with the Palo Alto Cortex XSIAM platform.
• Deep understanding of Windows/Linux artifacts.

Preferred Education/Certifications:

• CISSP, CISA, CISO or equivalent advanced security certification.
• Additional relevant certifications (e.g., CEH, OSCP, GPEN).
• VENDOR CERTIFICATIONS IN DETECTION ENGINEERING.
• Resource is local to Columbia, South Carolina or a surrounding city in South Carolina

Job Tags

Similar Jobs