RADAR Analyst - Philadelphia, PA
BTB's Rapid Advanced Detection And Response (RADAR) Service is seeking talented professionals to join our team of world class security experts. The RADAR team is working with our clients and helping to identify threats, investigate security events, and respond to incidents. RADAR provides more to our clients than the typical run-of-the-mill security monitoring service and RADAR analysts bring more to the table than your typical SOC log review analysts.
RADAR leverages a "no-blindspots" approach to security monitoring that includes the collection of security events and data from a myriad of sources. While RADAR has outstanding built-in intelligence to analyze this data, we know that there is no substitute for the judgment and analysis capabilities that comes from human security expertise. This is where you, the RADAR Analyst, fits in our service offering.
RADAR Analysts utilize the information available through RADAR to perform technical investigations of potential threats to our clients' information assets, as well as provide expert technical guidance during incident response efforts.
During the investigation phases, RADAR Analysts will leverage technical information such as intrusion detection alerts, firewall events, system and application logs, full packet captures, and even endpoint process tracking to identify the root cause of the attack. The RADAR Analyst will then determine whether the attack was successful and provide notification to the client.
The RADAR Analyst plays an integral role during RADAR's incident response phase. When security incidents are identified the RADAR Analyst is responsible for interfacing with clients directly and providing expert guidance to help respond to the incident. This will include elements such as advising clients on specific defensive actions to take, identifying additional indicators of compromise, and depending on the RADAR Analyst's skill set, malware analysis and forensic examination.
If you are looking to work with world class professionals while making your mark on the security consulting space, you will want to know more about RADAR and the BTB team. See our skills inventory below, and if you think you have what it takes, please contact us.
Demonstrable Skills and Capabilities
- Strong interpersonal, organizational, communication, and writing skills
Being a RADAR Analyst means engaging with clients; meeting their objectives and communicating the details associated with potential threats is critical to success. You must be the expert in the room, and able to communicate and support your recommendations.
- Independent investigative skills
The RADAR Analyst must be able to make sense of the technical information at their disposal. This includes the capability to investigate technical elements they might never have seen before. While senior personnel are available to provide assistance it's up to the RADAR Analyst to investigate the issue prior to escalation.
Required Technical Skills
- Working knowledge of the TCP/IP suite of protocols
- Conceptual knowledge of network and systems architecture
- Network segmentation (e.g., DMZ)
- Intrusion Detection Systems
- Web application architecture
- Active Directory
- Solid understanding of how major application layer protocols function (e.g., HTTP, SMTP, DNS)
- Basic knowledge of categories of malware and how they function (e.g., rootkits, trojans, adware)
- Conceptual understanding of vulnerabilities and attack vectors such as:
- SQL Injection
- Brute force attacks
- Malware infection vectors
- Phishing attacks
- Driveby/Redirection attacks
- Certifications are always a plus, but not required:
- Programming/Scripting (e.g., Perl, Python, Ruby)
- Network traffic analysis skills
- Comfortable in multiple operating systems (Windows, Linux, Unix, OSX)
- Cross training opportunities with assessment team
- Penetration Testing
- Vulnerability Assessments
- Established roadmap for growth within BTB
- Great resume builder as you'll be working with a wide range of technologies (we'd rather you stay with us of course, but we understand the industry)
- Help guide the development of RADAR; if you see an area for improvement, be part of building that enhancement
- You'll be part of a team so feel free to ask for help or offer it
- Position located in Greater Philadelphia area (relocation assistance is not available)