Responsibilities, authorities and accountabilities

In this role, you will:

Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM)Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Event Triage AnalystsMentor and train Event Analysts as required.The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler

Required Qualifications

Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 4 years of professional experience in STEM related degree, Political Science/Government/International Affairs.

Desired Characteristics

Technical Expertise:

The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handlerStrong verbal and written communication skillsDetailed understanding of APT, Cyber Crime and other associated tacticsStrong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industryKnowledge of and/or working on Baker Hughes OT productsProfessional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information TechnologyExperience with host based detection and prevention suites (Microsoft Defender, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)Experience with host-centric tools for forensic collection and analysis (Microsoft Defender, SleuthKit, Volatility Framework, FTK, Encase, etc.)Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)Experience with malware and reverse engineering (Dynamic and static analysis)Strong IT infrastructure background including familiarity with the following:Networking (TCP/IP, UDP, Routing)Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)System/Application vulnerabilities and exploitationOperating systems (Windows, *Nix, and Mac)Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniquesCISSP, CISM or related SANs certifications preferredActive US government security clearanceWorking knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG