At the Securities and Exchange Commission (SEC), we are committed to diversity, equity, inclusion and accessibility (DEIA) and value a workforce that reflects the diverse experiences and perspectives of the communities we serve. As such, we welcome applications from qualified individuals of all backgrounds who share our commitment to public service.
- Creating new intrusion detection mechanisms that identify cybersecurity incidents, and automating common incident response activities using Splunk Search Processing Language (SPL) with a high degree of proficiency.
- Leveraging data extraction and analysis tools, with a high degree of proficiency, including but not limited to: Perl Compatible Regular Expressions (PCRE), GNU Coreutils, CyberChef, Python modules, Microsoft Excel/Splunk Pivot Tables, SPL, etc.
- Proficiency with Python 3.x and/or PowerShell for automating multi-platform enterprise infrastructure tasks associated with cybersecurity analysis and incident response.
- Forming sound analytical assessments by systematically applying the Lockheed Martin Cyber Kill Chain®, the Diamond Model of Intrusion Analysis, and the MITRE ATT&CK framework against all available data during the course of analysis.
- Conducting static and dynamic malware analysis, evaluating network packet captures (PCAP), and analyzing logs from multi-platform/multi-cloud enterprise environments.
- Evaluating, generating, and applying detections associated with cyber threat intelligence with a high degree of proficiency.
- Coordinating a team of analysts during complex incident response activities.
- Communicating effectively with colleagues and senior leadership from technical and non-technical backgrounds on the status of ongoing incident response efforts.