Senior Cyber Response Analyst

SOSi Wiesbaden

Stellenbeschreibung:

Overview

SOSi is seeking a Senior Cyber Response Analyst in Wiesbaden, Germany . The ideal candidate will possess senior-level expertise in identifying, triaging, and neutralizing sophisticated cyber threats. This role involves performing deep-dive forensic analysis, malware investigation, and coordinating enterprise-wide responses to security incidents to ensure the resilience of critical mission networks in support of theater-level mission requirements.

Responsibilities

Monitor and analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) platforms to detect malicious or anomalous activity across the enterprise.
Lead the evaluation of security events to determine the scope and severity of incidents, performing rapid triage to mitigate immediate risks.
Perform advanced technical forensics on various media, including hard disk drives (HDD) and solid-state drives (SSD), and conduct malware analysis to understand threat vectors.
Analyze complex data sets, including packet captures (PCAP) and network logs, to draw definitive conclusions regarding past, present, and potential future security breaches.
Coordinate response efforts between technical engineering teams and non-technical stakeholders to ensure a unified defense posture.
Maintain expert-level knowledge of hacker Tactics, Techniques and Procedures (TTPs) and the current global threat landscape to proactively harden theater defenses.
Articulate detailed investigative findings and after-action reports to both technical audiences and executive leadership.

Qualifications

Minimum Requirements

Active in scope TS/SCI clearance.
BA/BS degree (Engineering, Computer Science, Science, Business Administration, or Mathematics) plus five (5) years of specialized experience OR Associate’s degree plus seven (7) years of specialized experience OR a major professional certification plus seven (7) years of specialized experience OR eleven (11) years of specialized experience.
Possession of at least one of the following: Cisco Certified: CyberOps Professional or GIAC: GCIA or GCIH or GCFE or GNFA or GREM or Blue Team Level 2 (BLT2) or Microsoft Certified: Cybersecurity Architect Expert or Offensive Security Defense Analyst (OSDA).
Demonstrated experience in monitoring intrusion detection and security information management systems.
Experience in performing technical malware or forensic analysis on hard disk drives, SSDs, media, PCAP, and network logs.
Proven ability to analyze data from various sources and draw conclusions regarding security incidents.
Experience coordinating incident response with both technical and non-technical parties.

Preferred Qualifications

Experience with EnCase, FTK, or open-source forensic suites (SANS SIFT).
Familiarity with the MITRE ATT&CK framework for identifying adversary behavior.
Proficiency in scripting (Python/PowerShell) to automate log parsing and triage tasks.
Prior experience working within a Cybersecurity Service Provider (CSSP) or Tier 3 Security Operations Center (SOC).

Work Environment

Normal office conditions with potential to perform duties in deployed locations.
May be requested to work evenings and weekends to meet program and contract needs.