Georgia IT Inc
Cyber Security SME - Chicago, IL
Georgia IT Inc, Chicago, Illinois, United States, 60290
Position: Cyber Security SME
Location: Chicago, IL
Duration: 6-12 Months
Rate: DOE
US Citizens and Green cards are Preferred. Expertise in cybersecurity solutions like SOC, MDR, SIEM, SOAR, DAM, etc. Configure rules for real-time alerting in SIEM tool for events, analytic rules, automation rules, hunting queries & Playbook. Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide defensive action to locate and prevent threats. Knowledge of 3rd party tools Crowdstrike, LogRythem, Netspoke, Semperis, Illumio Identity and Access Management - RBAC, Conditional Access Policies, Active Directory ID, PIM/PAM, Active Directory Connect, AD FS, ID Protection, MFA Security monitoring includes log aggregation/centralization, correlation, and alerting of security events and incidents. Participates in the incident response and investigation process. Knows about network architecture and protocols like TCP/IP, HTTP, etc. Security Services - Security Operation Center, Key Vault, Log Analytics, Monitor Apply and implement cloud security technologies. Review existing cloud security measures and processes. Implement security as a core part of all design and development of the client's cloud solutions. Recommend best practices based on leading industry insights. Map security controls to compliance requirements for cloud environments. Provide incident response support as a key stakeholder. Identify, triage, and remediate security detections and anomalies. Work creatively and analytically in a problem-solving environment
US Citizens and Green cards are Preferred. Expertise in cybersecurity solutions like SOC, MDR, SIEM, SOAR, DAM, etc. Configure rules for real-time alerting in SIEM tool for events, analytic rules, automation rules, hunting queries & Playbook. Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide defensive action to locate and prevent threats. Knowledge of 3rd party tools Crowdstrike, LogRythem, Netspoke, Semperis, Illumio Identity and Access Management - RBAC, Conditional Access Policies, Active Directory ID, PIM/PAM, Active Directory Connect, AD FS, ID Protection, MFA Security monitoring includes log aggregation/centralization, correlation, and alerting of security events and incidents. Participates in the incident response and investigation process. Knows about network architecture and protocols like TCP/IP, HTTP, etc. Security Services - Security Operation Center, Key Vault, Log Analytics, Monitor Apply and implement cloud security technologies. Review existing cloud security measures and processes. Implement security as a core part of all design and development of the client's cloud solutions. Recommend best practices based on leading industry insights. Map security controls to compliance requirements for cloud environments. Provide incident response support as a key stakeholder. Identify, triage, and remediate security detections and anomalies. Work creatively and analytically in a problem-solving environment