×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Principal Cyber Defense Ops Specialist

Job in Johnston, Providence County, Rhode Island, 02919, USA
Listing for: Citizens
Full Time position
Listed on 2025-12-31
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

Join to apply for the Principle Cyber Defense Ops Specialist role at Citizens

Description

The Principal Incident Response Analyst will be a resident technical expert within the Security Operations Center (SOC). This role is for a senior level individual contributor role on the Cyber Defense – Computer Security Incident Response Team (CSIRT) and will be working closely with the Threat Intelligence, Attack Surface Management, and Detection Engineering teams.

This role will have responsibility for one or more of the security systems aligned with their specific function, either directly or indirectly; and will be a technical authority for critical operational decisions having significant impact to the organization with authority extending beyond the team to include both technology and business line areas in security-related decisions.

This role will also help mature an existing CSIRT incident response, malware analysis, and advanced threat detection programs.

  • Conducting network forensics, log analysis, and malware triage in support of incident response investigations
  • Utilizing current and future tools to perform hunting for complex insider and outsider threats
  • Analyzing vulnerability assessment and penetration testing results to help identify stealthy threats and drive remedial action of critical threats
  • Supporting proactive deep malware analysis, and recommending defensive actions to effectively defend against malware related attacks
  • Recommend how to optimize security monitoring tools based on threat hunting discoveries
  • Facilitating the evaluation, selection and implementation of supporting SOC systems and tools
  • Helping develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
  • Exercising analytical skills and knowledge of supervision regulations
Experience And Skills
  • 7 or more years of progressive security industry experience
  • Demonstrated understanding of various operating systems (Window, Unix, Linux, AIX, etc) with an emphasis on Security Operations
  • Hands on experience with:
    • Security Information and Event Management Tools (QRadar, Arcsight, Splunk, etc.)
    • Intrusion Prevention Tools
    • Database Security Tools (Guardium)
    • Data Loss Prevention Tools (Symantec, Websense, etc.)
    • Firewalls (Cisco, Palo Alto, Check Point etc.)
    • Application Security Tools
    • Vulnerability tools
    • Cyber Security Incident Response
    • Network Intrusion Detection Systems (Source Fire, McAfee, etc.)
    • Host Intrusion Detection Systems
    • Packet Capture tools
  • Experience with threat taxonomies, models (e.g. MITRE ATT&CK), and Indicators of Compromise (IOCs)
  • Experience with one or more scripting language (Bash, Python, Perl, Power Shell, etc.)
  • Experience with malware reverse Analysting and tools such as IDA Pro, Olly Dbg, PEID etc.
  • Knowledge of Advanced Persistent Threat (APT) actors and associated tools, techniques, and procedures (TTPs)
  • Excellent oral and written communications skills
  • Strong analytical and critical thinking skills
  • Self-motivation with the ability to work under minimal supervision
  • Experience with computer security incident handling, coordination and response
  • Knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques
Education, Certifications And/or Other Professional Credentials
  • Bachelor’s Degree (Security / IT Related) or equivalent combination of experience
  • A combination of relevant industry certifications including, but not limited to CISSP, GREM, GCIH, GCIA, CEH, GCED, CISA, etc
Hours & Work Schedule

Hours per Week: 40

Work Schedule:

Monday through Friday 8:30AM - 5:00PM

Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search