
IIT Jobs Data Bank-Job Detail

ID: 14573
Location: Downtown Manhattan, NY 10004
Skills: IT Security Threat Intelligence: Cyber Security, UNIX, Windows, OSX, SIEM, EDR, MITRE ATT&CK
$$: DOE
Job Type: Contract
Status: OPEN
Resumes may be submitted by email using the following subject line:

Subject=IIT Career Site/Resume for JobID=14573 (IT Security Threat Intelligence: Cyber Security, UNIX, Windows, OSX, SIEM, EDR, MITRE ATT&CK) in Downtown Manhattan NY 10004 (SJU)

Estimated Length: 12 months


General Information:
This job is responsible for Cybersecurity Forensics and Investigation activities within the Client's Cyber Security Operation Center (CSOC). It is a highly skilled, demanding position requiring up-to-date, expert security knowledge of software programming and reverse engineering of code, coding and scripting, cyber security forensic technologies and tools, enterprise network and security infrastructure, communication and internet security systems, Windows and UNIX platforms, mobile devices, EDR systems, firewalls, intrusion protection systems, SIEM, Splunk, RSA NetWitness, threat intelligence platforms, remote access VPN, proxy, wireless security, NAC, enterprise ID management systems, databases, computer systems, security event analysis and forensic investigation. The candidate should be current on industry security trends and on the evolving security of vendor products used in enterprise security. The candidate will support various teams of the Cyber Security Operation Center, including participation in real-time forensics and investigations, cyber incident response, evaluation of advanced threats, threat hunting, and statistical analysis. The candidate should have strong knowledge of and experience with ICS/SCADA technologies and PCI environments.

This position will interface with various IT departments and provide IT leadership with information on current infrastructure security events, reporting, investigation monitoring and day-to-day security operations. The following knowledge, skills, and abilities are required for this position:

• Excellent organizational, decision-making and communication skills.
• Excellent knowledge of network security operations with a solid understanding of the underlying technology.
• Good to excellent attention to detail.
• Excellent creative problem-solving abilities, coupled with a desire to take on responsibility.
• Strong team player and people skills, with the ability to engage and motivate fellow staff members to drive results.
• Ability to handle multiple tasks in a fast-paced environment and prioritize highly varied work in order to maintain required productivity levels.
• Ability to communicate technical information and ideas so that others will understand.
• Ability to make appropriate decisions considering the relative costs and benefits of potential actions.
• Ability to apply varying team player traits that create solutions and results in unexpected situations.
• Ability to assist and motivate less experienced team members to achieve team goals.

• Work alongside / within a group of technical security staff responsible for the management of,
response to, and reporting on all Client computer and network security related incidents,
performing forensic investigations and advanced threat analysis. This position will also be
responsible for all statistical analysis, performing simulations and incident testing in a lab
environment, correlation of events, trend analysis, and comparison against security policy and
vulnerability databases.

• Examining physical memory dumps, volatile data and system audit captures, NTFS $MFT files,
Windows Registry hives, Windows Event logs, running processes, active network connections,
system logs, and select file attributes
• Web Application Security - Develop and assist the Client in improving web application security,
developing use cases, analyzing, and leading incident response related to web application security,
along with incidents within cloud hosting platforms such as Amazon and Azure.
• RSA Application Expert Analyst: must have expert ability to leverage the RSA NetWitness platform
during forensic investigations.
• Conducting Cyber Security Tabletop Exercises.
• Building and Maintaining Cyber Security Incident Response Plans.
• Participate / assist with the management, monitoring, analysis, and reporting of security
incidents and day-to-day security events, with primary focus on highly critical systems holding
PPSI, PCI and HIPAA data, to make sure proper security controls are in place.
• Participate / assist with incident reporting and providing forensic investigation reports to
management, notifying, and coordinating changes with all Client agencies and departments as a
result of security incidents.
• Perform project management and assist with forecasting, budgeting, and monitoring of data
security projects and procedures as they relate to Cyber Security Operation Center. Assist the
Cyber Security Incident and Monitoring and Security Support team as per Client and New York
State security policies and procedures.
• Responsible for providing 24x7x365 level 2 support for all security incidents and playing the
primary role in forensic investigation at the Client's Cyber Security Operation Center.
• Assist as directed the CSOC focal point in any Cyber Security investigation that requires
involvement with law enforcement agencies.
• Assist with life cycle replacement and upgrades throughout Client for all Cyber Security Incident
Response infrastructures.

Additional Skills and Information:
• Candidate must possess expert level skills with multiple programming languages and must
demonstrate that they can reverse engineer malware code.
• The Candidate must be an expert in Cyber Security Incident Response processes.
• Must be proficient with UNIX, Windows, OSX, and Mobile Devices. Candidate must be proficient
with the administration of Office365 and all its security features.
• Candidate should be comfortable with threat hunting across a variety of data sources including
writing custom SIEM queries, EDR queries, and other technologies as required.
• The candidate must have experience ingesting and processing threat intelligence mapped to the
MITRE ATT&CK framework, including TTPs aligned with that framework.



About IIT:

Founded in 1995, IIT is a leading provider of Workforce Solutions to Government and Fortune-1000 organizations. IIT is a winner of Inc-500 award. IIT's core services include:

  • Consulting for projects / IT Outsourcing
  • IT staffing (Contract / Temporary / Contingent / Consulting)
  • Custom Workforce Solutions
  • Recruitment Process Outsourcing (RPO)

Headquartered in New York, IIT has over 400 consultants deployed at Client Sites. Other IIT highlights include:

  • Winner of Inc-500 award 2 consecutive years
  • Winner of Ernst & Young / USPAACC Fast-50 award 2 consecutive years
  • Winner of USPAACC Top-10 Award in the Northeast US
  • IBM Business Partner
  • Oracle Business Partner
  • Adobe Business Partner
  • NYSA Member - New York Staffing Association - Regional Affiliate of ASA / American Staffing Association
  • NYS MBE certified

Our Consultants love working for IIT:

  • Competitive compensation
  • W2 or C2C
  • Biweekly Direct Deposit for W2 Consultants
  • Visa and Green Card sponsorship opportunities for qualified individuals
  • Local contact for you to meet and talk to anytime (not someone sitting overseas in a different time zone)

    IIT is an Equal Opportunity Employer