|Reference #||19-00011||Title||Information Security Systems Administrator|
|Start Date / End Date||2019-02-04 00:00:00 --- 2019-05-31 00:00:00|
HAVE TO HAVE 3 years of firewall experience. Any resumes without 3 years of Firewall Experience listed on resume will be immediately rejected by the manager.
• Will be responsible for the execution of incident handling functions as well as direct response to security incidents affecting DES.
• Propose and coordinate incident response plans
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable containment of the threats and an expeditious remediation
o Clearly document/communicate processes and findings to both technical and executive audiences
o Identify gaps and bottlenecks in remediation processes, develop metrics around and provide process improvement recommendations.
o Support security reviews/vulnerability risk assessments of network environments
• Conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations.
• Recognize and organize attacker tools, tactics, and procedures (TTPs) and indicators of compromise (IOCs) that can be applied to current and future investigations.
• Conducts as needed ad-hoc incident analysis
• Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
• Periodically assess the limitations of the existing methods and tools in the hunter/responder toolset and propose enhancements.
• Leverage threat intelligence, document threats as needed and share intelligence from analysis to further enhance service quality and delivery
• Coach less experienced members of the team in threat hunting and incident response topics
What you have:
• Minimum 8+ years' experience in Information Technology
• Minimum 5+ years' experience in Information Security
• Strong research background and an analytical approach
• Analytical security certification or demonstrable equivalent experience required
• Proven experience analyzing pen test findings
• Strong vulnerability scanner background and experience such as Qualys or Nessus.
• Develop and improve KPIs, metrics, and trending for vulnerability management functions.
• This role requires experience effectively communicating event details and technical analysis to technical audiences and stakeholders on the client side.
• Strong analytical and problem-solving skills
• Ability to multi-task and prioritize workload
• Solid understand of the TCP/IP protocol suite, security architecture, and security techniques/products.
• Experience with various security management tools (Vulnerability Management, Configuration Management, SIEM, etc.)
• Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
• Experience with various security monitoring and endpoint security tools
• Good understanding of the components of a threat intelligence capability
• Experience with a scripting language such as Perl, Ruby, Python, and BASH