Intrusion Analyst

Morphick Threat Intelligence Center
Managed Detection and Response, Cincinnati, OH USA

About Us

Morphick provides cyber security Managed Detection and Response (MDR) services to organizations globally. Morphick’s proven approach combines attack detection, threat hunting, incident response, and tailored threat intelligence to deliver morphing defensive postures. Morphick enables organizations to become moving targets, always staying ahead of attackers.

If you are looking for a challenging career where you will be immersed amongst the top experts in the field, on the cutting edge of security and technology, with an opportunity to grow and be a part of a diverse, dynamic, and growing global team, then join our mission at Morphick. Our culture of innovation and imagination, coupled with industry leaders who will inspire you, make Morphick an exciting place to grow your career.

Job Summary

The Intrusion Analyst will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. You’ll perform your work as a SOC Analyst, where you will be responsible for identifying malicious threat actors, thwarting hackers, and preventing data breaches. You will have the industry’s leading security technology at your fingertips to analyze security events and to prioritize, investigate, and contain incidents.

Responsibilities

  • Perform host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM) as needed
  • Communicate findings to customers and management
  • Perform daily incident detection and response operations with a schedule that may involve non-traditional working hours
  • Identify compromised computers using logs, live response, and related host-centric evidence sources
  • Regularly collect host-based artifacts and perform forensic analysis of those artifacts to determine if the asset has been compromised
  • Work with Intel team to fine tune signatures
  • Assist the IR team in the incident response process

Desired skills

  • Excellent verbal and written communication skills
  • Strong analytical skills and the ability to clearly and concisely document findings to report and/or escalate cyber incidents to customers and management
  • Network-centric analysis (NSM) experience; experience deploying and scripting detection solutions with Bro-IDS is a plus
  • Familiarity with scripting / programming (Python, Perl, C, etc.)
  • An understanding of APT, cybercrime, and associated tactics
  • Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
  • Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)
  • Experience with network forensics and/or network security monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
  • Any experience with malware and reverse engineering is a plus (dynamic and static analysis)
  • Strong IT infrastructure background, including familiarity with the following:
      • Networking (TCP/IP, UDP, routing)
      • Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
      • Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
      • System/application vulnerabilities and exploitation
      • Operating systems (Windows, *Nix, and Mac)
      • Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques
  • Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG
  • Relevant technical and industry certifications are a plus, e.g., GIAC certifications

Qualifications

Bachelor’s degree in computer science, information systems, or a related technical degree.

Eligibility Requirements

Must be willing to work different shifts, including swing (2nd shift) and 3rd shift hours in a 24/7/365 environment.

Morphick only employs those who are legally authorized to work in the United States for this opening. Employment is conditioned upon the successful completion of a background investigation and drug screen.

To Apply

Send Resume & Job Title to mdrcareers@morphick.com