Cyber Defense Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the cyber defense job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Wilber Morar
51298 Smitham Dam, Chicago, IL
Phone: +1 (555) 452 9886

Experience

Cyber Defense Detection Analyst
Witting LLC, Detroit, MI
  • Working knowledge of Intrusion Detection/Prevention Systems and rule/signature writing
  • Interface with CME Group employees that are reporting security issues through established communication channels
  • Extensive knowledge of network and system level attack vectors and mitigation techniques
  • Provide support for Junior Analysts in validation and assessment of security events
  • Working knowledge of IT best practices
  • Working knowledge of packet collection and analysis tools: tcpdump, Wireshark
  • Monitor and investigate network and system events to preemptively determine attack
Cyber Defense Specialist
Kemmer Inc, Detroit, MI
  • Monitoring, analysis, and maintenance of the SIEM
  • Actively looking for ways to improve the processes around the program to provide a best of breed, world class service
  • Assisting in management of the relationship between Citizens and third party security vendors
  • Participating in recovery on security incidents
  • Communicating security issues to a wide variety of internal and external audiences to include technical teams, executives, risk groups, vendors and regulators
  • Participating in the Intelligence Analysis process
  • Reviewing changes to security rule sets
Senior Cyber Defense Analyst
Champlin and Sons, Boston, MA (present)
  • Provide Subject Matter Expertise to aid Program Managers in the development of A&A documentation
  • Develop and execute plans, processes and corrective actions for cybersecurity issues
  • Perform validation of cyber security controls in support of Assessment and Authorization (A&A) efforts
  • Develop IT sustainment documents and actions and renewal documentation
  • Analyze computer systems and network traffic for signs of infection or compromise
  • Interact and assist other investigative teams within Visa on time sensitive, critical investigations
  • Coordinate a team to identify attempted and successful penetrations and information attacks and develop COAs
Education

Bachelor’s Degree in Computer Science, Arizona State University
Skills
  • Demonstrated integrity in a professional environment
  • Knowledgeable in legal issues within information security environments (e.g., data privacy)
  • Excellent leadership and teaming skills
  • Good social, communication, and technical and general writing skills
  • Excellent ability at building relationships with other organizational groups
  • 6+ years’ experience in one or more of the following
  • Deep understanding of security threats and vulnerabilities
  • Understanding of electronic security event management, investigation, and methodologies, including log correlation and analysis and knowledge of computer security investigative processes
  • Familiar with the basic legalities surrounding electronic discovery and analysis
  • Familiar with basic system administration functions for Windows and Unix platforms

15 Cyber Defense resume templates

1. Cyber Defense SIEM Engineer Senior Resume Examples & Samples

  • 4 year college degree and/or equivalent business experience
  • 8+ years’ experience in IT/Security
  • Security certification such as CISSP, GIAC, etc.
  • Database Application Development understanding
  • Security and IT Metrics experience a plus; Report creation abilities strongly desired
  • Experience with process automation and/or scripting (e.g., XML, C++, VBA, regular expressions, etc.)
  • Strong database principle understanding and awareness of security threats
  • Solid understanding of SIEM (Security Information and Event Management System) technology, locating sources and rule creation
  • Familiar with emerging technologies in the security monitoring, event correlation and alert/detection space
  • Strong tuning and operational experience with DAM monitoring tools (Imperva, Guardium)
  • Ability to recognize security events of interest that may require improved detection/alerting capabilities
  • Experience with Linux and Windows Operating Systems and numerous databases
  • Good oral and written skills
  • Good experience in Relational databases as well as SQL skills
  • Excellent organizational, time management and interpersonal skills
  • Metric reporting to demonstrate risk reduction
2. Cyber Defense Tools Specialist Resume Examples & Samples

  • 2+ years of experience with implementing and operating information security continuous monitoring tools from leading vendors, including McAfee (Vulnerability Manager, Policy Auditor, and Application Control), Symantec (SEP, CSP, and DCP), Tenable (Nessus and Security Center), Tripwire IP360, IBM Endpoint Manager (BigFix), ForeScout CounterACT, or other leading vendor solutions
  • 2+ years of experience with performing systems administration in Windows, Linux, and VMware environments, including performing installation and configuration, monitoring system performance and availability, performing upgrades, and troubleshooting
  • Knowledge of federal information security policies, standards, procedures, directives and frameworks, and federal security authorization, assessment, and risk management processes for enterprise systems
  • BA or BS degree in IT Security, Engineering, or a related field preferred
  • CISSP, Security+, or equivalent Certification
3. Manager, Cyber Defense Infrastructure Resume Examples & Samples

  • Advanced knowledge of computer, network systems and operating systems and management applications
  • Strong understanding of information security and the relationship between threat, vulnerability and information security operations in the context of risk management
  • Must have a track record of developing and implementing a comprehensive strategy and plan for managing information security technology and operations
  • Ability to gather, analyze and interpret business drivers and develop practical security solutions that provide adequate security to support the business
  • Demonstrated ability to build effective, cohesive and collaborative teams
  • Strong demonstrated ability to skillfully hire, develop, lead, motivate, performance manage, and coach a cross-section of security and technology professionals in supporting Rackspace operations and meeting business objectives
  • Bachelor’s degree in computer science, information systems, engineering, business administration or a related field is preferred
  • Experience with Sourcefire, Splunk, ESX, VMware, Cisco networking, and FireEye products highly desired
  • Must have at least one of the following active certifications: CISA, CISM, CISSP or CFE
  • Other related certifications such as ITIL, PMP, SANS/GSEC, CIPP, CRISC, CGEIT, CPA/CA are preferred, but not required. Typically req
  • Minimum of 8 years and proven track record of executive leadership in information security policy, standards, architecture, technology and programs
4. SOC Advanced Cyber Defense Team Member Resume Examples & Samples

  • Enhance current deployment of commercial tools used by Security Operations Center
  • Develop new processes and procedures to enhance SOC monitoring, analysis and escalation procedures
  • Participate in major security events as subject matter expert
  • Participate in SOC internal projects such as SOC tools development, data analytics and SOC lab expansion
  • Provide guidance to SOC Tier 1 and SOC Tier 2 on investigations and further analysis as needed
  • Overall understanding of network and application analysis
5. Senior Cyber Defense Analyst Resume Examples & Samples

  • Investigate and contribute to large and small scale computer security incident response events on a global network
  • Leverage advanced tools to identify and mitigate malicious activity, ranging from malware to potential interactive intrusions
  • Analyze computer systems and network traffic for signs of infection or compromise
  • Act as a subject matter expert on information security related issues pertaining to malware analysis and incident response
  • Demonstrated relevant experience as a key member of an incident response team, malware analyst, or similar role
  • Strong knowledge of Windows internals and APIs
  • Strong scripting skills (Python preferred, but Perl, PowerShell, etc. are acceptable)
  • Previous experience with RegEx or Snort is desirable
  • Ability to rapidly analyze systems for signs of infection or compromise
  • Tangible experience combating crimeware or APT is a distinguishing factor
  • Certifications such as GREM or CISSP a plus, but skill level carries more weight
6. Cyber Defense Analysts Resume Examples & Samples

  • Respond to cyber security incidents by collecting, analyzing and preserving digital evidence
  • Subject matter expert on security related issues
  • Ability to aggregate and correlate alerts from systems and/or SIEM analytics tool to provide context, environmental awareness, baselines, and root cause analysis
  • Gather forensic evidence for analysis, investigation, disciplinary action or criminal investigation
  • Conduct advanced computer and network forensic investigation functions
  • Participate in leadership groups throughout the company to plan and test incident response capabilities
  • 5+ years of experience in information security related positions, preferably in Incident Management, event analysis, penetration testing
  • Comprehensive knowledge of the OSI model
  • A holistic understanding of attack vectors, current threats, and remediation strategies is essential for this role
  • Experience with computer forensics concepts and procedures, investigations, collections, evidence handling, analyzing and preserving digital evidence and live response techniques
  • GIAC Certified Incident Handler - GCIH
7. Cyber Defense Detection Analyst Resume Examples & Samples

  • Analyze information from variable sources; leverage various toolsets to gain awareness of potentially suspicious activity
  • Investigate and document events and escalate to incidents as needed
  • Acts as a participant during Cyber Hunt activities at the direction of one or more Incident Response Analysts
  • Monitors SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises
  • Responsible for understanding the global threat landscape by working with CMEG’s Cyber Threat Response (CTR) team
  • Escalates cyber security events according to CMEG’s runbook and standard operation procedures (SOPs)
  • Perform initial investigations; identify attack vectors and mitigation tactics
  • Collaborate with technical teams to identify, resolve, and mitigate events
  • Proactively provide feedback on CDT operational processes and procedures
  • Documenting event analysis and writing comprehensive reports of incident investigations
  • Performs other duties as requested
  • Strong security background in network/systems/physical security, authentication, authorization and usability
  • Extensive knowledge of networking principles
  • Working knowledge of Intrusion Detection/Prevention Systems and rule/signature writing
  • Working knowledge of packet collection and analysis tools: tcpdump, Wireshark
  • Extensive knowledge of network and system level attack vectors and mitigation techniques
  • Demonstrated ability to: Differentiate between a significant event, a true positive, and a false positive. Translate raw logs into actionable intelligence
  • Previous System Administration experience
  • Conceptual understanding of the Cyber Kill Chain
  • Strong familiarity with security issues surrounding network computing and experience in implementation of security systems and controls. Must have a thorough knowledge of information security components, principles, practices, and procedures
  • Formal training or commensurate work experience in security tools (scanners, Intrusion Detection Systems, and security analysis tools both on the network and on host based systems)
  • Must have good knowledge of general IT architecture infrastructure, web application, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development
  • Security certifications (e.g. Security+, Network+, GCIA, GCIH, CISSP, CEH, etc.)
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation in a fast-paced environment
8. Cyber Defense Technology Specialist Resume Examples & Samples

  • Act as a technical touch point between clients, partners, and the software engineering and operations team
  • Advise customers on the latest threats, delivering customer specific Threat Intelligence Reports
  • Be the trusted adviser and technical authority to the customer for architecture and integration decisions
  • Provide feedback and reporting to senior management on customer accounts
  • Design and build custom client integrations and define solution architectures
9. Cyber Defense Data Protection Operations Engineer Resume Examples & Samples

  • 6+ years of proven success in a similar security role
  • Familiarity with common industry best practices (ITIL, SDLC, AGILE, COBIT)
  • A strong understanding of tiered defense-in-depth security design
  • Detailed technical knowledge of security engineering and operations
  • Experience with database management or database activity monitoring solutions
  • Knowledge of database concepts such as SQL (DML/DQL/DCL) and clustering
  • Experience with DLP tools
  • Knowledge of tokenization and encryption
  • A strong understanding of Data Protection and Compliance best practices
  • Experience with Big Data environments and/or Big Data security solutions
  • Confident ability to recognize security events of interest that may require improved detection/alerting capabilities
  • Extensive experience with Windows and/or Linux/Unix Servers
  • Extensive experience in routing and switching technologies
  • Familiar with technologies in the security monitoring, event correlation and alert/detection space
  • Experience creating reports and dashboards for metrics/KPIs
  • Effectively communicate technical information to non-technical audiences and influence others to comply with policies/conform to standards and best practices
  • Strong attention to detail and process
  • CISSP, GIAC, CISA, or other appropriate certifications
  • Security and IT metrics experience a plus; report creation abilities strongly desired
  • Experience with process automation and/or scripting (e.g., XML, C++, VBA, regular expressions, Python, Perl, PowerShell, etc.)
  • Experience with audit related frameworks, such as the NIST Cyber Security Framework and Common Control Framework
10. Senior Cyber Defense Engineer Administrator TS Resume Examples & Samples

  • Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities
  • Primary responsibility is to maintain, configure and troubleshoot cyber defense systems. The candidate will have experience in one of the following areas: McAfee ePolicy Orchestrator as implemented in the DoD HBSS program; Linux-based servers and appliances; client/server technologies and troubleshooting; Splunk; EnCase
  • May also assist with the following: 80/443 web content filters/proxies, email security capabilities, IDS, IPS, SIEM, DNS security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists
  • Ability to write signatures for detection systems, such as SNORT and McAfee Intrushield a plus
  • Will have experience with multi-tasking providing on ground support to CNDSP work centers
  • Will have excellent oral and written skills creating programmatic documentation, standard operating procedures and granular process checklists
  • Will conduct special projects by request
11. Cyber Defense Mission Analyst Resume Examples & Samples

  • The successful candidate will provide assistance in the creation of collection strategies, postures, and plans in order to meet JFHQ-DoDIN Intelligence and information gaps. Knowledgeable in all source intelligence collection management (SIGINT, HUMINT, MASINT, CI, OSINT, IMINT, GEOINT, and TECHINT)
  • Assist in the validating, coordinating, drafting, submitting, and maintaining of formal JFHQ-DoDIN Intelligence requirements and requests to the IC through USCYBERCOM
  • Participate in strategic working groups in order to effectively assist in the planning of long range collection efforts, deconflict and coordinate Intelligence and information needs and requirements that cross organizational boundaries, and facilitate joint collection efforts at the strategic level. Assist in the deconfliction of time sensitive requirements among CYBER partners with assistance of designated members of the USCYBERCOM J2 and other JFHQ-DoDIN J2 personnel as needed
  • Assist in the planning and management of organic collection assets through the Intelligence, Surveillance, and Reconnaissance planning process. Contractor personnel will assist in the coordination of non-organic collection activities supporting JFHQ-DoDIN missions and goals. Assist in the validation, deconfliction, and consolidation of assigned/attached service J2 elements’ Intelligence requirements
  • Assist in the development, revision, and maintenance of the Command Priority Intelligence Requirements as well as support the collection planning of Operational Planning Teams and other working groups operating within the command
  • Knowledge of the collection management process; able to use collection request and management tools
  • 5-7 years with Bachelor’s degree
12. Cyber Defense Professional Resume Examples & Samples

  • Lead detection and response effort to address cybercrime, espionage, and insider threats
  • Perform aggregation, normalization, processing, and analysis of network, intrusion and related logs for next generation malware and insider threats
  • Perform network forensics, consisting of analysis of network related traffic for malware command and control paths and discovery of data exfiltration routes
  • Perform threat assessments and identify architectures and controls to substantially mitigate associated risks
  • Assist team members in the assessment and deployment of emerging information protection technologies
  • Bachelor of Science in Computer Science or a related scientific/technical field or equivalent; Master’s Degree in Computer Science or a related scientific/technical field or equivalent
  • 5+ years of professional work experience
  • 4+ years of focused security operations/engineering technical experience related to malware, incident response, and network/host-based forensics
  • Experience and knowledge of information protection principles such as identity management, authentication, authorization, encryption, vulnerability assessment and remediation, firewall concepts, audit trails/logs and best practices for administering data commingling
  • Hands-on, proven experience in system and network forensics and all aspects of information security investigations, including computer security incident response
  • Hands-on, proven experience in scripting, API integration, and security tool creation
  • Python experience a plus
  • Hands-on, proven experience in malware decomposition and reverse engineering
  • Expertise in client-server and peer-to-peer systems communication, management and routing protocols, multicast and unicast protocols and protocol analysis and decoding
  • Excellent oral and written communication and persuasive skills
  • Awareness of physical safeguards and contract language protection for intellectual property
  • Must be able to work across functions and different levels of the organization to achieve results and develop supportive relationships for Business and Information Security goals and initiatives
  • Must combine the ability and desire to execute high-quality hands-on work, together with project management in a complex environment
  • Must be capable of thought leadership
  • Must be team-oriented and able to successfully contribute in a cooperative and collaborative environment
  • SANS certifications a plus (GSEC, GCIH, GCIA, GNFA, GREM, GCFA, GCFE, or others)
  • US government security clearance or the ability to get clearance
13. Intermediate Cyber Defense Administrator Operations CND Tools Resume Examples & Samples

  • Broad scope of tasks to include O&M and tuning of cyber defense tools, integration of Splunk, ForeScout, FireEye, Tanium and other tools, security architecture design, implementing new cyber capabilities, implementing region-based IPS, and designing and defining system architecture for new or existing computer systems
  • Performs functions to include but not limited to systems engineer, audit/inspection, infrastructure support, certification and accreditation, vulnerability management, detection and response support services
  • Requires TS/SCI Clearance
14. Cyber Defense Enclave Task Leader Resume Examples & Samples

  • Leading the technical effort and delivery of a team of 5-10 MITRE engineers
  • Working closely with sponsor and stakeholder organizations to define task outcomes, deliverables, schedules, and resource requirements
  • Planning, monitoring, and reporting all aspects of task execution
  • Leading the overall design and integration of the Cyber Defense Enclave reference architecture
  • Coordinating across MITRE to share and leverage best practices and cutting edge capabilities
  • Experience developing, integrating, and testing network sensing technologies
  • Deep knowledge of network protocols, especially regarding cybersecurity implications, including experience with implementation or network management; examples include: TCP, UDP, IP, ICMP, BGP, HTTP/S, SMTP, DNS, switch configuration, router configuration, and network-based load balancing
  • Experience leveraging end-user system host and network logs to identify security vulnerabilities and incidents
  • Experience using and/or configuring Security Information and Event Management (SIEM) tools
  • Fluency in one or more object-oriented and/or scripting programming languages (e.g., C, C++, Java, Perl, Python)
  • Experience implementing big data analysis solutions
  • Experience leading medium-sized teams to deliver quality capabilities in a fast-paced environment with multiple stakeholders
  • Experience in system administration and management of Linux-based servers
  • Experience with virtualization technologies, such as VMware
  • Experience with open source network intrusion detection technologies
  • Past experience with, or knowledge of, US Navy networks and systems
  • Prior experience working in a cyber security operations center
15. SOC Advanced Cyber Defense Lead Resume Examples & Samples

  • Research and identify the new areas of risk and exposure where SOC should focus
  • Network security monitoring and intrusion detection
  • Application Security Monitoring
  • Programming and debugging
16. Cyber Defense Tools Specialist Resume Examples & Samples

  • 2+ years of experience with performing systems administration in Windows, Linux, or VMware environments, including performing basic troubleshooting, installation or configuration, monitoring system performance or availability, and performing security upgrades
  • 1+ years of experience with performing application whitelisting or blacklisting using security tools, including Bit9 Parity, RES One, and customized capabilities or enterprise or domain configuration and administration, such as Group Policy editing and enforcement, or 3+ years of experience with security tool administration or network and domain administration, including Active Directory in lieu of experience in application whitelisting or blacklisting
  • BA or BS degree in IT Security or Engineering and 3+ years of experience with IT in a professional work environment or 8 years of experience with IT in lieu of a Bachelor’s degree
  • 2+ years of experience in Linux Administration, including Debian and Red Hat distribution variants or derivatives
17. Cyber Defense Resume Examples & Samples

  • Responsible for analyzing and responding to a variety of security events, specifically database super-user security events
  • Constantly look for ways to improve the processes around the program to provide a best of breed, world class service
  • Possess the ability to discuss security issues to a variety of audiences and also be able to assess the true risk to the organization
  • The successful candidate is someone who is passionate about IT Security and thrives while working on and within a team of skilled individuals
  • Additional role responsibilities will include:
  • Maintaining a deep understanding of current threats, vulnerabilities, attacks and countermeasures and how to respond effectively to them
  • Improving the capabilities and maturity of the Citizens Bank vulnerability, compliance and threat management programs by identifying appropriate technologies, policies, communication channels, organizational structures and relationships with third parties
  • Communicating security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups and regulators
  • Providing metrics to reflect the true posture of the environment
  • Working with various customers to interpret security events and acting as subject matter expert
  • Experience working in a customer focused environment
18. Cyber Defense Analyst Resume Examples & Samples

  • Requires 10 to 12 years with BS/BA (Computer Science, Information Systems, Cyber Security, Computer Engineering, or related technical field)
  • Demonstrated administrative and organizational skills
  • Excellent interpersonal skills and the capability to deal with personnel at all levels in the government, industry, and academia
  • MS Office Experience
  • 5 years of cyber analysis experience
  • Demonstrated proficiency in network security analysis tools (HP ArcSight, Ethereal, Wireshark, etc.)
  • IC experience
  • Must demonstrate professional behavior at all times when dealing with clients, management and employees
  • Grooming and dress must be appropriate for the position and must not impose a safety risk to the employee or others
  • Completion of required certifications within six (6) months of hire date
19. Cyber Defense Specialist Resume Examples & Samples

  • 1 or more years of progressive security industry incident response experience
  • Solid understanding of various operating systems (Windows, UNIX, Linux, AIX, etc.) with an emphasis on incident response and defending such platforms. Subject matter expertise in one of the operating systems is required
  • Experience fostering and maintaining relationships with key stakeholders and business partners
  • Should be well versed in at least one scripting language (Perl, Python, etc.)
  • Basic understanding of security monitoring techniques such as packet capture, NetFlow, watch lists, black lists, log parsing, correlation, classification, event generation and the incident lifecycle
  • Experience with Security Information and Event Management technologies (ArcSight, QRadar, etc.)
  • Experience with SOC ticket management tools (Archer SecOps, RTIR, Resilient Systems IRP)
  • Demonstrated self-motivation with the ability to work under minimal supervision
20. Cyber Defense Operations Engineer Resume Examples & Samples

  • Provide technical / analytical recommendations for improvement to the Security Operations team
  • Work with the Information Security Coordinator to create and improve metrics for Cyber Security reporting
  • Provide analysis of system and network incident response
  • Provide insight into latest threats and counter measures
  • Conducts tests of computer systems to monitor effectiveness of security
  • Configure, implement and maintain security applications and infrastructure to support corporate policies, federal and state security regulations
  • Using security devices such as firewalls, IDS, IPS, threat correlation tools, and vulnerability scanning tools to conduct cyber security investigations
  • Review technical security controls and make recommendations to improve security and visibility
  • Interact with auditors, providing evidence as needed
  • Interact with internal and external clients on security requirements, identify security process and develop strategies/solutions to address security issues while maintaining tight security discipline
  • Collaborate with application and system development teams to configure and deploy systems and applications in a secure manner
  • Conducts tests of network infrastructure, applications and security architecture to identify potential weakness and make recommendations for improvement
  • Evaluate and research SIEM alerts and modify triggers and policies as appropriate
  • Participate in investigations of cyber security incidents including incident response, containment of the incident and forensics
  • Prepares documentation for operational teams in use of security solutions
  • Evaluate proposed system & application changes for security risk
  • High school diploma or GED required; Bachelor’s degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering strongly preferred
  • Certifications preferred: CISSP, CISA, CEH, CSSLP, CCNA, and CCNP
  • Three years of cyber security experience
  • Must have two years of experience with networking, intrusion detection, VPN, PKI, Cisco and PIX firewalls, SIEM, Identity management and encryption technologies
  • Experience in implementing Information Security technologies and/or processes required
  • Experience in vulnerability management and penetration testing
  • Must have hands on working knowledge of UNIX/AIX, Microsoft 2003 and later, firewall multi-layer design and implementation, router access list/packet filtering, WANs, LANs, network protocols and network services, Intrusion detection systems, Virtual Private Network, two factor authentication
21

Cyber Defense Operations Manager Resume Examples & Samples

  • Manages and leads a team of cyber security engineers that support integrations for various applications
  • Ensures that the team efficiently supports cyber security related issues
  • Establishes processes and procedures for supporting security related issues
  • Holds the cyber defense team accountable for timeliness and quality of activities
  • Partners with application development teams to ensure security is built into the development process
  • Ensures that appropriate documentation is created and maintained for all support activities
  • Participates in resolving critical day to day issues
  • Bachelor’s degree or equivalent combination of education and experience
  • 3+ years of directly related experience
  • Excellent organizational and communication skills
  • People management skills and experience in supervisory role
  • Ability to lead and maintain effective working relationships
  • Ability to delegate, prioritize tasks and multi-task throughout the course of the day
  • Identifies problems, researches alternatives, prepares presentations, drives solutions, tests to confirm, gains consensus, and implements solutions for issues that arise
22

Cyber Defense Operations Manager Resume Examples & Samples

  • Five (4) to seven (7) years of leadership experience in progressively responsible roles in a demanding environment
  • Strong and inspirational leadership skills and ability to effectively manage high performing staff
  • Professional experience in applicable discipline and demonstrated experience in evaluating significant IT processes and maintaining a robust Information Technology control environment for a complex IT organization
  • Under general supervision, the Manager will be responsible for a team of up to 12 individuals including managers, software developers, database administrators, engineers, coordinators and analysts
  • The physical requirements of this position consist of those typical to an office environment including, but not limited to visual attention to computer may be required for extended periods of time, extended hours of sitting and use of desktop automation tools
23

Senior Cyber Defense Engineer Administrator TS Resume Examples & Samples

  • Requires DoD 8570: IAT III and CND-SP Specialty: IASAE II
  • Requires Active TS/SCI Security Clearance
  • Must be willing to obtain and maintain a CI polygraph
24

Senior Cyber Defense Analyst Resume Examples & Samples

  • Develop and maintain A&A documentation. Documentation to include, but not limited to, Configuration Management (CM) baselines, Risk Management Framework (RMF) documentation, security reviews and assessments, Plan of Action and Milestones (POA&Ms), post accreditation documentation, and other security documents as required by the Joint Staff’s Operational Designated Approving Authority (ODAA)
  • Define security requirements and support evaluations
  • Support, initiate and track A&A meetings and maintain documentation
  • Identify attempted and successful penetrations and information attacks and develop COAs
  • Develop and execute plans, processes and corrective actions for cybersecurity issues
  • Perform other relevant duties as required
  • Incident response experience
  • Experience with Computer Network Defense (CND) tools ACAS and HBSS
  • Knowledge of the quarantine process
25

VP, Cyber Defense Operations Resume Examples & Samples

  • Partnering with technology operations, event management, foundational engineering, and the information security office to extend and sustain our defensive and counter threat capabilities
  • Providing guidance, consulting and event leadership to IT operations and application teams specific to requirements to reduce the company’s threat landscape and readiness to respond cross-functionally to security and technology events that either create risk to information entrusted to the company or have the potential to impact operations
  • Leading and managing a team of 400 + people globally (both directly and through influence)
  • Developing and implementing recommendations for an integrated emergency response capability focused on security and technology events
  • Engaging and collaborating with information technology in support of operational initiatives, integrated development operations (DevOps) and programs that support operational activities
  • Managing a diverse portfolio of programs and projects
  • Being fully accountable for prioritizing people, resource, asset and financial management against the cyber defense agenda
  • Establishing and/or evolving operational metrics that measure program outcomes and sustainability and support strategic business decisions and prioritization
  • Driving innovation and evolving an existing Big Data investment delivering continuous monitoring for the enterprise
  • Managing the portfolio of Cyber Defense technologies and tools effectively across performance, cost and integration dimensions
  • Working closely with the CISO, the IRM senior leadership team, other senior leaders and executives to set and drive optimal IRM and Cyber Defense operational management
  • Owning shared accountability for operational execution, agenda prioritization and service management across the IT technology system, including achieving and maintaining performance and stability outcomes
  • 20 + years of progressive career experience in the IRM discipline
  • Mastery of the latest principles and science used to address and combat advanced threats against commercial enterprises and systems
  • Demonstrated technical background and cross-functional expertise in both infrastructure and application security and proven operational and leadership experience in both
  • Experience protecting an integrated IT system that includes internally owned assets and those operated by third-parties, including cloud service providers
  • Track record of success collaborating with a team of diverse individuals from Operations, Business, IT, Legal, Compliance and Privacy disciplines
  • 15 + years of experience leading and managing individuals, program and project activities delivered in different geographies and cultures
  • Demonstrated ability to embrace and personify the UnitedHealth Group culture
  • Experience of deliberately integrating individuals from diverse organizational cultures into an effective and fully aligned team
  • 10 + years of direct accountability for identification of talent and management of individuals from both business backgrounds and technology disciplines
  • History of leadership, management and mentorship of technical subject matter experts who are both direct reports and report to other leaders
  • Strong planning, organizational, collaboration and leadership skills
  • Proven ability to successfully operate and drive change at all operational and organizational levels, whether directly managed or through influence, and across multiple global cultures
  • Results oriented, operations focused and data / information driven decision maker
  • Demonstrated history of creating and operating in a continuous improvement environment
  • Ability to work in and thrive in a highly energized and highly matrixed environment with proven experience influencing direction and strategies in a collaborative manner
  • Selfless commitment to integrated operations with peers and leaders across a complex IT environment
  • True and proven commitment to customer satisfaction and the highest ethical standards
  • Track record of success presenting to senior executives and regulatory auditors
  • Proven adaptability and flexibility in approaches used to fully engage with different audiences
  • Awareness and experience with business processes, application and infrastructure requirements for the healthcare industry
  • Previous experience serving as a CISO or senior equivalent strongly preferred
  • Proven experience in projecting security as an enabler in the latest Agile and integrated development operations (DevOps) highly desirable
  • Industry-specific certifications in information security, including one or more of the following desired: CISSP, CISA and CISM, ITIL, PMP
26

Principal Cyber Defense Engineer Administrator TS Resume Examples & Samples

  • Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
  • Primary responsibility is to maintain, configure and troubleshoot Cyber Defense Systems. The candidate will have experience in one of the following areas
  • McAfee ePolicy Orchestrator as implemented in the DoD HBSS program
  • Linux based servers and appliances
  • Client/Server technologies and troubleshooting
  • Encase
  • 8-10 years of related experience in data security administration
  • Requires DoD 8570: IAT III and CND-SP Specialty; CND Infrastructure Support
  • Must be willing to obtain and maintain a CI Polygraph
  • Requires a TS/SCI Clearance
27

Senior Cyber Defense Administrator Windows Linux Operations CND Tools TS Resume Examples & Samples

  • Executes policies and guidance provided by senior functional/technical leads
  • Must be DoD 8570: IAT III (either CISA, GCIH, GCED, CISSP, CASP) and CND-SP Specialty: CND-IS
  • Must be willing to obtain and maintain CI polygraph
  • Work location Washington DC
28

Cyber Defense Developers Resume Examples & Samples

  • Interest in security and will to learn more
  • IT/technology background
  • Analytical, able to follow complex instructions
  • Good communication skills both in Finnish and in English
  • Good technical writing skills, able to produce documentation and research solutions both in Finnish and in English
29

Cyber Defense Analyst Resume Examples & Samples

  • Monitor and investigate network and system events to preemptively determine attack
  • Bachelor’s degree in relevant field desired but substantial relevant experience could substitute
  • Background in network/systems/physical security, authentication, authorization and usability
  • Formal training or proportionate work experience in security tools (scanners, Intrusion Detection Systems, and security analysis tools both on the network and on host based systems)
  • GIAC Certified Intrusion Analyst – GCIA
30

Cyber Defense Analyst Resume Examples & Samples

  • Performs monthly and ad hoc vulnerability scans of unclassified and classified network subscriber enclaves
  • Maintain knowledge of emerging threats, vulnerabilities, and intelligence within the cyber security field to ensure subscribers are remediating against known threats
  • Assist subscribers with vulnerability remediation, as necessary
  • Conduct trending and analysis of monthly results to identify high risk vulnerabilities impacting the network and ensure proper security posture from a vulnerability management standpoint
  • Deploy, troubleshoot, and maintain network-based vulnerability scanners at subscriber sites to ensure appropriate coverage of scanning services
  • Maintain knowledge of applicable CND policies, regulations, and compliance documents specifically related to CND auditing
  • Prepare reports for subscribers to assess technical configurations and compliance
  • Generate capture as necessary of the network(s) security posture and provide to CND management for situational awareness
  • Document policies and procedures for the use of vulnerability assessment tools and methodologies
  • Apply technical expertise to perform remote assessments of DoD networks and information systems
  • Possess technical experience in mitigating and/or remediating vulnerabilities or misconfigurations
  • Document findings and severity levels of non-compliance in formalized reporting, written and oral briefs, etc
  • Test and evaluate new technologies, specifically related to network vulnerability scanning
  • Understanding of Information Assurance (IA) and Computer Network Defense (CND) concepts, practices and tools to design and administer classified and unclassified DoD computer networks and systems
  • Ability to communicate complex technical and programmatic information, often in the form of verbal and visual operational updates, situation reports and briefings
  • Computer helpdesk, Systems Administration, Network Administration, and strong customer service skills preferred
  • Understanding of TCP/IP networking required, experience with cyber security related tools preferred
  • Familiarity of Windows Server/Workstation operating systems required, familiarity of Unix/Linux preferred
  • Knowledge of network devices and interconnection (i.e. routers, switches, IDS/IPS, firewalls, and DNS) preferred
  • Familiarity with CJCSM 6510, DoD 8570.1, DODI 8510.01 Risk Management Framework (RMF) for DoD, and DoD DIACAP process
  • Computer Emergency Response Team (CERT) or Security Operations Center (SOC) operations (desired)
  • Security+ certification and Certified Ethical Hacker (CEH) certification, in accordance with 8570.01-M requirements
31

Senior Cyber Defense Analyst Resume Examples & Samples

  • Provide Subject Matter Expertise to aid Program Managers in the development of A&A documentation
  • Perform a technical review of A&A documentation for compliance with applicable DoD and Joint Staff cybersecurity policies
  • Perform system Information Assurance Vulnerability Management (IAVM)
  • Perform Security Technical Implementation Guidance (STIG) compliance audits
  • Perform risk analysis and recommend and mitigate controls
  • Assess security compliance, support program security reviews, and coordinate and compile security-related documentation
  • Assist with the preparation and revision of J7 cybersecurity policy and guidance documents for specific cybersecurity related technologies
  • Provide critical written and oral analysis of security architecture documentation and vulnerability and risk assessments
  • Assist in the development of plan of actions and milestones (POA&M) and tracking of milestones within POA&Ms directly related to cybersecurity requirements
  • Perform validation of cyber security controls in support of Assessment and Authorization (A&A) efforts
  • Coordinate with system owners to ensure the appropriate A&A artifacts are developed to support system authorization
  • Develop IT sustainment documents and actions and renewal documentation
  • Provide security incident reports as required outlining the specific security issue, critical concerns, and remediation actions required to resolve or mitigate the vulnerabilities
  • Serve as security advisor to the Government in all aspects of Cybersecurity and Risk Management Framework (RMF) to ensure the JS J7 meets all requirements
  • Coordinate a team to identify attempted and successful penetrations and information attacks and develop COAs
32

Cyber Defense Tools Analyst Resume Examples & Samples

  • 3+ years of Information Technology experience with network security technologies, as well as host & network-based security strategies
  • Experience with QRadar or other SIEM
  • Network, platform, or security certifications
  • Experience with multiple scripting languages (bash, python, PowerShell, AutoIT, etc.)
  • Experience writing database queries (SQL, ASQL, etc.)
  • Solid understanding of modern computing infrastructure (TCP/IP networking, Linux/Windows servers, proxies/firewalls, SAN, NAS, etc.)
  • Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
  • Cloud expertise
33

SOC Cyber Defense Senior Manager Resume Examples & Samples

  • Provide technical security leadership
  • Must be able to read and interpret raw packet data
  • Experience with End Point Forensics tools such as Carbon Black and Network Forensics Tools such as Netwitness
  • Experience with Vulnerability scans and penetration testing
  • Actively participate in Advanced Threat and Monitoring events
  • Instruct the Incident Response Team members in the use of new processes/procedures, operating instructions; troubleshoot technical or operational problems in order to help identify root cause of advanced threat incidents
  • Identify and prevent current and future threats
  • Ownership and triage of Information Security incidents through to service recovery
  • Documenting event analysis in sufficient detail that the analysis process can be passed to other security personnel or subject matter experts
  • Be an advocate of information security and privacy programs across the company
  • Support and assist the Risk and Compliance team during PCI Assessment and SOX Audit cycles
  • Serve as subject matter expert to recommend remediation solutions for findings during risk and compliance assessments
  • Generate various management level reports including daily Threat Tracking reports and Advisories and work with the Security Awareness Manager for the purpose of proactive awareness and response
  • Attends periodic review meetings with Incident Response key players to understand current threat landscape and our risk level
  • Serves as an internal security threat/vulnerability/incident response subject matter expert
  • Identifies key security concerns based on threat analysis and uses them to provide Threat Prevention based solutions
  • Work with management personnel to guide SOC associates. Guidance includes training, skills development, work direction for purpose-specific initiatives, and mentoring
  • Implement Security technology related to the SOC, Vulnerability and Threat Management
  • Manage vulnerability scans and penetration testing
  • Analysis of vulnerabilities and managing vulnerabilities to evaluate risks and perform gap analysis for remediation
  • Identification of Threats & vulnerabilities
  • Identify false positive vulnerabilities and validate proactively
  • Coordination of PenTests and vulnerability scans with system and application owners
  • Serve as subject matter expert to review and recommend remediation and/or mitigating controls for vulnerabilities found during scanning and pen testing exercises
  • A broad understanding of the security landscape and its business context / impact
  • Exceptional written and verbal communication skills, including the ability to describe technical mechanics and put them into a humanized context
  • Strong analytical skills and cross functional knowledge across multiple security disciplines
  • Minimum of 8-10 years' experience in security or network architecture/engineering role including designing and deploying security solutions
  • Strong interpersonal, verbal presentation and written communication skills
  • Strong analytical and decision support skills
  • Dataflow, process, operational visualization and workflow documentation capabilities
  • Familiar with interpreting the log output of a wide selection of network and host device classes (HIDS, NIDS, Firewalls, Proxies, Routers, Switches, WAF's, Servers, Desktop Controls, Endpoint Protection, etc.)
  • Functional experience with text and data representation and manipulation (XML, HTML, Regular Expressions, Wiki Markup, SQL)
  • Packet-level behavioral familiarity with most major TCP/IP application protocols (DNS, SMTP, HTTP, BGP, LDAP, IMAP, SSH, FTP, KRB5, DHCP, CIFS)
  • Strong knowledge of OWASP, NIST, PCI, SOX and best practices
  • Expert technical knowledge of MS Windows, Linux, and Unix operating systems
  • Strong analytical skills (i.e., technical and non-technical problem solving skills)
  • Strong ability to persuade, convince and influence others through collaboration
  • Must have the ability to effectively prioritize work in a highly dynamic work environment
  • Maintain a professional working relationship throughout all levels of the organization
  • Project/program management experience
  • Ability to communicate security-related concepts to a broad range of technical and non-technical staff
  • Must possess a high degree of integrity, be trustworthy, and have the ability to work independently
  • BS in Information Systems or equivalent
  • CISSP, GSEC or GCIA
  • Any of the following are a plus: CISA, CRISC, CISM, PMP
34

Cyber Defense Specialist Resume Examples & Samples

  • Responsible for analyzing and responding to a variety of security events to ensure the events are justifiable
  • Constantly seeking ways to improve the processes within the Security Events Management programs to provide a best of breed, world class service
  • Discussing security issues to a variety of audiences and also assessing risk to the organization
  • 3 or more years of progressive security industry experience
  • Solid understanding of various operating systems (Windows, Unix, Linux, AIX, etc.) with an emphasis on security logging, monitoring and escalation
  • Excellent oral and written communications skills - Must possess strong analytical skills
  • Experience with computer security incident handling, coordination and response
  • Knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques
35

Cyber Defense Resume Examples & Samples

  • Manage a team responsible for delivering active hunting, red team blue team exercises, and SIEM rule validation; provide the team with technical guidance
  • Provide oversight and direction in the management of the information security monitoring capability as a whole – process and technology
  • Maintain, manage, and update the process for the operating model for the security monitoring capability
  • Mentor and train new personnel
  • Manage and improve information security documentation as required
  • Work with other operational teams to resolve incidents and report on events
  • Provide support during security event and incident investigations when required
  • Lead and/or assist in the resolution of security events by identifying root cause and solutions
  • Help analyze findings in investigative matters, and develop fact based reports of events over period of time
  • Demonstrated integrity in a professional environment
  • Knowledgeable in legal issues within information security environments (e.g., data privacy)
  • Excellent leadership and teaming skills
  • Understanding of electronic security event management, investigation, and methodologies, including log correlation and analysis and knowledge of the computer security investigative processes
  • Familiar with a basic understanding of legalities surrounding electronic discovery and analysis
  • Familiar with basic system administration functions for Windows and Unix platforms
  • Experience with programming languages such as Java, Java script, C, C++, C#, ASP, .NET, Unix/Linux and scripting is a plus
36

Cyber Defense Insider Threat Analyst Resume Examples & Samples

  • Be a key member of the Insider Threat Working Group and the Insider Threat Cell team to the Information Security Working Group, coordinating with all levels of USCENTCOM leadership and acting as a liaison to local law enforcement, base security and command Counter Intelligence for insider threat concerns
  • Initiate and lead collaborative analytic discussions between USCENTCOM and USSOCOM for information sharing and lessons learned to improve information security and network protection
  • Employee will be responsible to provide reports, briefings, and updates for senior customer and contract leadership
  • Employee will provide analytical support that includes research, documentation and development of tactics, techniques and procedures to support Active Cyber Defense and IA/CND mission
  • Manage escalated security issues from investigation through recommendation and remediation plan implementation
  • Billet requires candidate to be deployment capable as position may require short deployments to the USCENTCOM Area of Operation
  • Employee must be familiar with USCENTCOM area of responsibility
  • Employee must have intelligence experience
  • Employee must effectively communicate clearly and efficiently in both verbal and written communications
37

Cyber Defense Analyst Resume Examples & Samples

  • Cyber Defense Analysts conduct all-source analysis, digital forensics, and targeting to identify, monitor, assess, and counter the threat posed by cyber actors. Cyber Threat Analysts apply their scientific and technical knowledge, skills, and abilities to solve complex intelligence problems and to produce short-term and long-term written assessments and recommended courses of action. They use their analytical, writing, and presentation skills to inform leaders at all levels of threat, risk, and operational context
  • Cyber threat analysis demands initiative, creativity, analytical skills, and technical expertise. Analysts must maintain and broaden their analytical and technical skills, as well as their professional networks, throughout their careers. This is achieved through academic study, practical experience, collaboration with peers, and participation in professional gatherings. They may also pursue additional studies and cross-functional training in fields relevant to their areas of responsibility
  • Cyber Defense Analysts compile cyber threat data gathered from various sources including independent research and analysis, cybersecurity operations activity, system behavior, defensive cyber capabilities (i.e., McAfee systems), etc. They look at emerging technology and technology trends, cyberspace tactics, techniques, and procedures, and adversarial capability and intent. They use all of this information to develop comprehensive and detailed threat assessments that inform defensive cyberspace operations
  • On a near real-time basis, Cyber Defense Analysts analyze cyber threat Indications & Warnings and fuse unclassified/open source cyber threat information with proprietary or client internal threat intelligence. They enrich their analyses through correlation of threat intelligence with internal and external network activity and system behavior to provide insight into every stage of a potential adversary’s cyber kill chain
  • Cyber Threat Analysts generally possess bachelor's degree in computer science, computer engineering, digital forensics, cyber security, telecommunications, information assurance, security studies, or relevant and sufficient practical experience as described in the experience section
  • Cyber Threat Analysts are well-versed in intelligence techniques, practices, and procedures, and they demonstrate an understanding of US national security interests
  • They have experience with government classified and unclassified computer systems and networks
  • They possess master-level verbal presentation and writing skills, including the demonstrated ability to write clear, complete, and concise text that synthesizes and communicates complex information effectively to diverse audiences comprised of technical experts and laypersons
  • They have excellent analytical abilities and a strong ability to think creatively
  • Cyber Threat Analysts generally demonstrate or possess: certifications such as CEH, CEPT, LPT, ECSA, CISSP, Security+, GIAC (web, wireless, forensics, mobile, exploit researcher); experience taking disparate, seemingly unrelated intelligence and extracting meaning or relevance from the data
  • Effective analytical and critical thinking skills - proven problem solving and follow-through
  • Effective documentation and verbal communication skills in customer-facing roles
  • Demonstrated successful ability to multi-task and perform in an interrupt-driven, non-deterministic environment while working independently and as a team
  • Demonstrated self-starter and team player with ability to quickly learn new concepts with guidance from senior team members
  • Ability to lead others, deliver results, and brief leadership, customers, etc
38

Cyber Defense Tools Specialist Resume Examples & Samples

  • 2+ years of experience with performing systems administration in Windows, Linux, or VMware environments, including performing basic troubleshooting, installation, and configuration, monitoring system performance and availability, and performing security upgrades
  • 1+ years of experience with performing application whitelisting and blacklisting using Bit9 Parity, RES One, or customized capabilities or enterprise and domain configuration and administration for Group Policy editing and enforcement or security tool administration or network and domain administration in Active Directory in lieu of whitelisting and blacklisting expertise
  • 2+ years of experience with Linux Administration in Debian and RedHat distribution variants and derivatives
  • Experience with integrating Cybersecurity data into Splunk using enterprise or custom data aggregation and analysis tools
  • Knowledge of providing support in an IT operations and maintenance Tier II role, including ticket work information updates, issue response, and remediation
39

Solution Expert Orange Cyber Defense Resume Examples & Samples

  • Organizational awareness: advanced
  • Knowledge & development: expert
  • Teamworking & networking: expert
  • Commercial acumen: advanced
  • Addressing client needs and solving client problems: expert
  • Business acumen and entrepreneurial thinking: advanced
  • Closing skills: advanced
  • Written communication skills: expert
  • Oral communication skills: expert
  • Formal presentation skills: expert
  • Facilitation skills: advanced
  • Listening skills: expert
  • Project risk assessment and planning: advanced
  • Multi-vendor positioning: expert
40

Cyber Defense Center Analyst Resume Examples & Samples

  • Monitor, assess, triage IT security events, anomalies and/or trends in threat landscape using internal and external logging and monitoring sources
  • Evaluate the type and severity of security events by making use of packet analysis, log analysis, troubleshooting and understanding of exploits and vulnerabilities
  • Maintaining excellent customer engagement and relationships, listening to voice of the customer
  • Understanding technological trends, information security and technical security controls
  • Act as a communication interface between the incident management and crisis management functions
  • University/college degree in IT or engineering
  • Prior experience in an information security role is an advantage, however junior talents are also welcome
  • Understanding of networking and packet analysis
  • Awareness of IT Support processes, such as ITIL
  • Experience administering and/or analysing Linux, UNIX, Windows, and mobile operating systems is preferred
  • Experience with SIEM and/or Intrusion Detection and Prevention System (IDPS) tools is a plus
  • Fluent Hungarian and English language skills
  • Focused “can-do” positive attitude
  • Structured thinking and analytical skills
  • Security Certifications (SANS or others) are considered an advantage
  • Willingness to work in shifts
41

Cyber Defense Oversight Resume Examples & Samples

  • Define cyber security requirements as they relate to the firm’s Infrastructure and production environment
  • Develop associated control plans
  • Implement and document necessary framework to operate the controls
  • Computer Science or Information Security degree
  • Information Security knowledge : Concepts, cybersecurity threats and controls
  • IT proficiency : Operating Systems, Network protocols, middleware, database
  • Proficiency in documenting reports and presentations
  • Organizational and work documentation proficiency
42

VP Cyber Defense Specialist Resume Examples & Samples

  • Formalize the requirements and associated monitoring controls
  • Develop, implement and operate the associated control plans
  • Collaborate on a permanent basis with security operational and engineering teams in charge of developing the required controls in the Firm’s environment
  • Report to Management on the activities and operations alignment with requirements
  • Report to Management on the controls in place and their results, as they relate to the monitoring of the operational teams activity
43

Application Cyber Defense Senior Manager Resume Examples & Samples

  • Overall responsibility of Experian's applications penetration testing program and remediation
  • Lead a team responsible for conducting advanced manual ethical hack (MEH) tests of applications, including internal and external penetration testing and automated web application security testing
  • Evolve the delivery model for the application penetration testing service, including roles and responsibilities, remediation plans, business partner engagement model, rollout of best practices, etc.
  • Hire, manage, and develop staff of application penetration testers and coordinators by providing direction, establishing clear and measurable objectives, managing performance, training and coaching
  • Establish and refine the resource planning model to help project capacity requirements, and forecast sub-contractor usage
  • Ensure effective knowledge management of findings and review results of any attack campaign in order to determine severity of findings and identify potential remediation or mitigation strategies
  • Evangelize and encourage a culture of Secure Application Development in Experian
  • Develop communications program for application threats, including external and internal security events
  • Manage proofs of concept of 0-Days and critical vulnerabilities as they are realized
  • In-depth research of the latest adversarial tactics, techniques and procedures (TTPs) and technologies to remain at the bleeding edge
  • Create and support KPIs and KRIs that measure risk reduction and progress over time
  • Builds a high performance team
  • Develops and mentors staff and managers to achieve career goals and maintain leadership succession planning and leads cross-functional teams to define objectives, strategies and domain performance metrics
  • 10 years of escalating managerial work-experience in a highly diversified organization. 10+ years of increasing responsibility and work complexity to include progressive management roles in large, complex organizations
  • Expert knowledge of penetration testing tools such as Kali Linux, Burp Suite, Nessus, Metasploit, etc.
  • Expert knowledge of existing, emerging threats, web security principles and attack vectors
  • Extensive knowledge of information and technology security management technologies, methods, standards, and processes as well as knowledge of compliance, legal, internal / external audit & regulatory requirements
  • Strong Expertise with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Special Publications
  • Strong expertise in the collaboration, facilitation and coordination with the business units for the mitigation of risks
  • Strong understanding of Application Design, DevOps, TCP/IP fundamentals, network protocols, system administration and network architectures
  • Experience and exposure to large organizational implementations of vulnerability management programs, with specific emphasis on application security, metrics development and reporting
  • Experience programming in at least one of the following: Perl, Python, Ruby, Bash, C or C++, C#, or Java, including scripting and editing existing code
  • Knowledge of web frameworks such as Spring, Struts, Hibernate, ASP, JSP, etc. and APIs (JSON/REST/SOAP)
  • Understanding of APIs (JSON/REST/SOAP)
  • An aptitude for technical writing, including assessment reports, presentations and operating procedures
  • Ability to solve very complex security issues that span legal, compliance and regulatory obligations across various lines of business and shared service areas of the company
  • Knowledge of common information security management frameworks, including but not limited to: ISO 27001/27002, ITIL, COBIT and NIST
  • Professional security management certification, such as a CISSP, CISM, CEH, OSCP/E, GWAPT, GPEN, or GXPN certification(s) or other similar credentials, is desired
44

Senior Cyber Defense Analyst Resume Examples & Samples

  • 8570 IAT Level 2 certification (Security+, CCNA-Security, or equivalent) w/ the ability to obtain CND-A certification w/in 180 days of start date
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC) and other attack artifacts in support of incident investigations
  • Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic findings
  • Perform analysis on relevant network defense data from various sources to establish the timeline of events associated with both attempted and successful network intrusions
  • Maintain a high level of situational awareness, and leverage existing understanding of threats to prioritize analysis
  • Inform countermeasures through identification of new tactics, techniques, and procedures used by threat actors
  • Mentor junior analysts
  • Support the development of analytical procedures and advanced detection and correlation content to meet changing requirements, and continue evolution towards a threat-focused Defensive Cyber Operations (DCO) strategy
  • Support the refinement of SIEM reports to track trends and demonstrate countermeasure effectiveness
45

Cyber Defense Engineer Resume Examples & Samples

  • Intrusion monitoring, attack analysis, and incident response duties as required and directed
  • Monitor open source feeds and reporting on the latest threats against computer network defenses
  • Utilize attack and malware analysis techniques, including advanced static and dynamic analysis, to identify and assess malicious software and behaviors
  • Provide technical expertise regarding the defense of company information systems and networks
  • Initiate computer incident handling procedures to isolate and investigate potential network information system compromises
  • Perform malware and/or forensic analysis as part of the incident management process
  • Identify risks to computer systems and make written and verbal remediation recommendations to leadership
  • Supports incident escalation and assesses probable damages, identifies damage control and remediation, and assists in developing courses of action
  • Coordinate efforts of and provide timely updates to multiple business units during response
  • Takes an active part in the containment of incidents
  • Applies cyber defense concepts to go-forward environments such as public cloud - AWS, Azure, etc
  • Must have previous working knowledge of cyber threat capabilities and technical capabilities to defend networks and systems
  • In-depth understanding of OSI model, network port, protocol and service expertise
  • Advanced knowledge and experience with Windows and Linux Operating Systems and common applications
  • Advanced knowledge of normal operating system behavior
  • In-depth knowledge of Advanced Persistent Threat (APT) tactics and related countermeasures
  • Advanced understanding of and previous working experience with system forensics, including one or more of the following
  • File system, registry, etc. artifacts commonly associated with malware or malicious activities
  • Memory analysis
  • Ability to distinguish between indicators of advanced and common malware/attack
  • Malware reverse engineering
  • Proficiency with the use of network analysis tools and network security devices
  • Understanding of core networking concepts (TCP/IP, etc.) and common protocols (HTTP, FTP, etc.)
  • Experience with AntiVirus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions
  • Familiarity with various network and host based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages
  • Experience with AWS and Azure a strong plus
  • Experience with next-gen Endpoint Detection and Response (EDR) tools a strong plus
  • Familiarity with automation concepts and proficiency in scripting languages such as Python, Perl, Ruby, JavaScript, PowerShell, etc.
  • Strong analytical skills and critical thinking skills
  • Effective communication skills (both written and verbal)
  • Ability to present technical concepts to non-technical audiences
  • Sound decision-making and judgment, especially under pressure
  • Strong organization, prioritization, and rationalization skills
  • Bachelor's Degree or higher in the field of Computer Science or Information Security or related field (may be substituted for experience and industry certifications)
  • 3-5 years of experience in cyber security or a related technology field preferred
  • 2+ years of experience in incident response, forensics, or related activities
  • Individual technical cyber security certification through one of the recognized bodies preferred: SANS, ISACA, (ISC)², CompTIA, Cisco, CERT, etc.
46

SOC Advanced Cyber Defense Team Member Resume Examples & Samples

  • Follow pre-defined actions to handle BAU and high-severity issues, including escalating to other support groups. Execute daily ad hoc tasks or lead small projects as needed
  • Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics
  • Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability & Threat Management process
  • Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS sensors, Antivirus servers, Vulnerability scanners
  • Participate in daily and ad-hoc conference calls as well as compliance & controls, self-assessment processes and documentation related tasks
  • 4+ years working in the security & operations fields
  • Bachelor's Degree or higher preferred
  • Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
  • Ability to read and understand packet-level data; intrusion detection and prevention and network security products (IDS/IPS, firewalls, etc.); host security products (HIPS, AV, scanners, etc.)
  • Knowledge of cutting-edge threats and technologies affecting web application vulnerabilities and recent Internet threats
  • Exposure to vulnerability assessment, penetration testing or forensic analysis is an advantage
  • Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]
47

Cyber Defense Engineer Resume Examples & Samples

  • A bachelor’s degree in systems engineering, computer engineering, computer science, or other closely related discipline
  • 5-7 years of knowledge and hands-on experience in systems engineering to include network infrastructure design, storage, backup, platforms, middleware, application, monitoring, and security, with an emphasis in engineering design, configuration, implementation, operations and maintenance of a variety of security technologies
  • 8570-compliant IAT Level I certification, such as Security+ CE
  • Web and email security applications / appliances
  • Demonstrated 5 years knowledge and hands-on experience with network security applications, protocols and associated hardware
  • Demonstrated 5 years of knowledge and hands-on experience working with SIEM applications such as ArcSight, QRadar or Nitro
  • Splunk, with hands-on content creation experience
  • Threat Intelligence and visualization technologies
48

Cyber Defense SME - Fort Meade, MD Resume Examples & Samples

  • Hold and maintain an active TS/SCI clearance
  • Motivated self-starter with strong written and verbal communication skills
  • Hold an expert level understanding of common security elements, defense-in-depth, TCP/IP, common networking ports and protocols, traffic flow, system administration and OSI model
  • Experience and proficiency with any of the following technologies: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics
  • Experience with malware analysis concepts and methods
  • Experience implementing enterprise cyber defense transformational activities
  • Experience supporting DISA’s Network Assurance
49

Cyber Defense Specialist Resume Examples & Samples

  • Responsibility for analyzing and responding to a variety of security events to ensure the events are justifiable
  • Improving the processes within the Security Events Management programs to provide a best of breed, world class service
  • 2 or more years of progressive security industry experience
  • Proficient understanding of various operating systems (Windows, Unix, Linux, AIX, etc.) with an emphasis on security logging, monitoring and escalation
  • Must possess strong analytical skills
  • Experience with computer security incident handling, coordination and response preferred
  • Knowledge and experience preferred in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques
50

Cyber Defense Principal Consultant Resume Examples & Samples

  • 10 years’ experience working in IT Security and Information Security in various industry sectors
  • Holds a university degree
  • Experience as a Security Consultant in Security Strategy and Transformation, mainly developing and implementing Security Improvement/Transformation Programs, especially driven by major incidents or breaches
  • Real and recent experience of managing major incident responses with deep understanding of all phases of incident response
  • Able to communicate short tactical remediation activities and long-term complex value propositions to clients, including C-level executives
  • Understanding of APTs and new threat actors' tactics and techniques
  • Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
  • Development and delivery of security improvement & transformation plans
  • Detailed understanding of and experience in IT Security and Information Security
  • Experience in working with executives and senior management within clients to capture requirements and formulate solutions
  • Good understanding of Assurance Practices and Risk Management, with hands on experience
  • Ability to identify solutions to resolve security gaps in solutions, systems and designs
  • Experience in producing security documentation such as a Security Improvement Plans, Security Management Plans, Security Policy and other ISMS components
  • Significant experience of security processes and standards, in particular ISO 27001 and COBIT 5
  • High level knowledge of security audit and accreditation processes
  • Appreciation of future trends in IT and Information security
  • Ability to adapt to new security regimes
  • Experience of working as an expert security consultant
51

Cyber Defense Analyst Resume Examples & Samples

  • 15 years of experience with Cybersecurity
  • 10 years of experience with acquisitions
  • 3 years of experience with executive decision support
  • Knowledge of Cyber policy
  • Experience with one or more major DoD Weapons Programs
  • Knowledge of Program Protection Planning
52

Cyber Defense Analyst Lead Resume Examples & Samples

  • 15+ years of experience with Cybersecurity
  • 10+ years of experience with acquisition
  • 3+ years of experience with executive decision support
53

Cyber Defense Resume Examples & Samples

  • Bachelor’s degree in Computer Science, Business Administration or equivalent educational or professional experience and/or qualifications
  • 4+ years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection
  • Must have been in a level 2 SOC Analyst role for at least two years
  • In depth experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host- based firewalls, data leakage protection (DLP), DAM (Database activity monitoring)
  • In-depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, router/switch management, firewall management, SAN/NAS, web servers, IAM/AAA, IDS/HIDS, system vulnerability scanning tools, application/database vulnerability scanning tools, mobile device analysis or secure coding
  • In-depth understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.
  • Advanced knowledge of leading SIEM solutions
  • Experience with SOC ticketing systems and proven SOC process knowledge
  • Advanced knowledge in system security architecture and security solutions
  • Advanced knowledge in networking, message transport, and endpoint security
  • Excellent interpersonal and organizational skill and excellent oral and written communication skills
54

Cyber Defense Specialist Resume Examples & Samples

  • Identifies and manages risks and issues as a subject matter expert for daily operational support and projects
  • Provide Security Infrastructure management, Security Monitoring and Incident Response, Vulnerability Management services to clients across all industries and internal projects
  • Perform security incident investigations, determine the cause of the security incident and preserve evidence for potential legal action
  • Perform basic malware analysis and IoC extraction
  • Make recommendations on incident classification, prioritization, containment, eradication and recovery in order to implement appropriate corrective action
  • Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform
  • Provide Tier II support to customers and respond and resolve Level II incidents within the agreed SLA
  • Maintain a knowledge base comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
  • Provide guidance and insight, as well as follow directives as necessary to complete accelerated deployment of the SIEM, IPS/IDS, firewall and other security infrastructures
  • Appropriately inform and advise management on incidents and incident prevention
  • Encourages and implements continuous improvement measures on a day-to-day basis
  • Manage the process of gathering, analyzing and assessing the current and future threat landscape
  • Leverages extensive knowledge of communications in a manner that provides business value to the IT Organization
  • Required to identify, assess, and resolve complex issues/problems within own area of responsibility
  • Improve Incident remediation and prevention processes and procedures
  • Document and conform to corporate and/or client security policies
  • Participate in knowledge sharing with the rest of the team and develop solutions efficiently
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
  • Coordinate, measure and report on technical and service (KPI, SLA) aspects of security management
  • Manage and coordinate operational components of incident management, including detection, response and reporting
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk
  • Manage security projects and provide expert guidance on security matters for other IT projects
  • Ensure security infrastructures are maintained efficiently and monitored
  • Perform security testing to assess the security of systems, networks and applications, and manage the remediation of identified risks
  • Bachelor’s degree in Computer Science, MIS, Engineering, Math, or Business; or relevant experience in some of these fields
  • At least 4 years of experience in Cyber Security, Infrastructure Security, Threat and Vulnerability Management or Security Incident Management
  • Good understanding of concepts and hands-on experience with products such as SIEM (e.g. Splunk, HP ArcSight, AlienVault, QRadar, RSA Security Analytics), IPS/IDS (Cisco Firepower, IBM Proventia, TippingPoint), vulnerability management (Nessus, Qualys), antispam (Cisco ESA, IronPort), web content filtering (Cisco WSA, Forcepoint, BlueCoat), firewalls/UTM (Fortigate)
  • Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring
  • Proven documentation skills including proficiency with the documentation and documentation maintenance for process work flow diagrams
  • Ability to work independently and make appropriate decisions or escalations with minimal supervision in a dynamic team environment
  • Strong knowledge of networking and security fundamentals. Complete understanding of TCP/IP, HTTP, HTTPS, SSL/TLS protocols
  • Working knowledge of Microsoft Windows and Unix/Linux operating environments
  • Basic programming and scripting skills (Bash, Perl/Python, Java/C/C++, JavaScript)
  • Willingness to provide on call support for critical production issues
  • Experience with network traffic collection and analysis tools and techniques
  • Knowledge of application attack vectors from the OWASP Top 10 list, including injection, cross-site scripting, XSRF, etc.
  • Knowledge of various open source security tools such as network (nmap) and vulnerability scanners, proxies, fuzzers, etc
  • Port scan and Vulnerability scanning techniques (should have hands on experience)
  • Operational knowledge of system and network security engineering best practices and architecture
  • Good communication skills both in Italian and in English
  • Experience working in a diversified, virtual environment
  • Administrative tool development and maintenance
  • Hands-on experience in pentesting (infrastructures and web/mobile applications), malware analysis and source code auditing
  • Understanding of frameworks such as ISO 27001/27002 and/or PCI-DSS
  • Certifications such as SSCP, OSCP, CISSP, CISM, GIAC-GCIH, ISO 27001 LA
55

Cyber Defense Analyst Resume Examples & Samples

  • 15+ years of experience in a professional work environment
  • 10+ years of experience with acquisitions
  • Knowledge of program protection planning
  • Experience with one or more major DoD weapons programs
56

Cyber Defense Resume Examples & Samples

  • Manage a global team responsible for operating the SIEM solution; provide the team with technical
  • 8+ years’ experience with managing a technical Cyber Security team
  • Familiar with basic system administration functions for Windows and UNIX platforms
57

Cyber Defense Analyst, Lead Resume Examples & Samples

  • 15 years of experience with Cyber policy and compliance
  • 3+ years of experience with providing executive decision support for high-level government officials
  • Knowledge of Defense Industrial Base (DIB) Cyber policy
58

Senior Cyber Defense Architect Resume Examples & Samples

  • Bachelor's degree and 10 years of experience in the information security field with expert knowledge of platform, application, storage, data, network, virtualization, cloud and mobile security
  • Understanding of enterprise technologies, operations, and architectural principles and models. Knowledge of virtualized data center architectures and operations, SOA-type deployments, web services and multi-tier web applications, directory services, Cloud services, and WAN/MAN/LAN wired and wireless protocols and technologies supporting a diverse set of business use cases
  • Experience with requirements analysis and the development of use cases, architectural views (e.g. conceptual, logical, physical), reference models and architectures, architectural principles, and architectural patterns
  • Written and verbal communication skills. Must be able to effectively present technical concepts to a non-technical audience
  • Bachelor's OR Master's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience
59

Cyber Defense Detection Analyst Resume Examples & Samples

  • Monitor and respond to events escalated through the Security Information and Event Management (SIEM)
  • Interface with CME Group employees that are reporting security issues through established communication channels
  • Document security events in Incident Tracking System
  • Provide support for Junior Analysts in validation and assessment of security events
  • 2-4 years of experience (typical) in Information Security
60

Cyber Defense Response Analyst Resume Examples & Samples

  • Act as lead incident handler for low severity incidents
  • Perform technical analysis of multiple sources of data, including network flows/packet data, host forensic artifacts, and application/system logs
  • Manage incident communications, including establishing/scheduling bridge lines and periodic incident update calls
  • Document incident tasks and updates in the incident management system
  • 2-4 Years (Typical)
  • Successful candidates should be able to demonstrate a passion for information security through course work/degrees completed, self-study, and/or certifications that have been completed
61

Cyber Defense Senior Specialist Resume Examples & Samples

  • Actively looking for ways to improve the processes around the program to provide a best of breed, world class service
  • Communicating security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
  • Maintaining a deep understanding of current threat, vulnerabilities, attacks, countermeasures and how to respond effectively to them while providing training to the rest of the team on these items
  • Taking ownership and driving forward the capabilities and maturity of the Citizens penetration testing and overall Vulnerability Management programs by identifying appropriate technologies, policies, communication channels, organizational structures and relationships with internal partners
  • Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
  • Facilitating the Governance Board for the Penetration Testing Program
  • Delivering the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests
  • Fostering and maintaining relationships with key stakeholders and business partners
  • Overseeing the penetration testing of applications (to include mobile applications) as well as wired and wireless network environments
  • 5 or more years of progressive security industry experience
  • Ability to demonstrate manual testing experience using methodologies such as OWASP Top 10
  • Deep understanding of CVSS, CVE, CWE, CPE, CCE, OVAL, SCAP and other standards
  • Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, Kali, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider, ZAP Proxy, IronWASP, Parrot, SamuraiWTF
  • Knowledge of networking fundamentals (all OSI layers)
  • Must be well versed in at least one scripting language
  • Proficiency with the Microsoft Office suite, with a heavy emphasis in Excel
  • Self-motivation with the ability to work under minimal supervision
  • Should have knowledge of C, C#, Python, Objective-C, Java, JavaScript, SQL, Swift
  • Should have knowledge of web frameworks, including XML, SOAP, J2EE, JSON and Ajax
  • Should have knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX