Wednesday, May 11, 2016

Senior Security Engineer

Job Title: Senior Security Engineer
Duration: 6 Months (Contract to hire)
Location: San Ramon CA 94583

Training, Licenses or Certifications Required:

  • SANS GIAC Certified Intrusion Analyst (GCIA) or SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Continuous Monitoring (GMON) or related Degree


The Cybersecurity function is led by CLIENT's Vice President - Chief Information Security Officer and is responsible for cybersecurity and risk management across the organization. The Security Intelligence and Operations Center (SIOC) is responsible for ensuring that CLIENT proactively identifies and assesses threats to its network and data, monitors its network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape.

Position Summary:

This is a challenging and fast-paced position in CLIENT's Security Intelligence and Operations Center (SIOC), which is responsible for detecting, analyzing and responding to any suspicious cyber security activity across CLIENT's business and operational networks. The SOC is a critical team within CLIENT's broader Information Security team, which is led by CLIENT's Vice President - Chief Information Security Officer.

Duties & Responsibilities:

  • Respond to computer security incidents and conduct threat analysis
  • Identify and act on malicious or anomalous activity
  • Conduct analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
  • Deep knowledge of log, network, and system forensic investigation techniques
  • Deep knowledge of diverse operating systems, networking protocols, and systems administration
  • Deep knowledge of commercial forensic tools
  • Deep knowledge of common indicators of compromise and of methods for detecting these incidents
  • Deep knowledge of IT core infrastructure and cyber security components/devices
  • Deep knowledge of TCP/IP Networking and knowledge of the OSI model
  • Deep knowledge of OS management and Network Devices
  • Deep knowledge of Intrusion Detection/Prevention Systems
  • Deep knowledge of Antivirus Systems
  • Intelligence driven defense utilizing the Cyber Kill Chain
  • Significant experience monitoring threats via a SIEM console
  • Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
  • Excellent problem solving, critical thinking, and analytical skills - ability to de-construct problems
  • Strong customer service skills and decision-making skills
  • Significant experience with packet analysis (Wireshark) and Malware analysis preferred
  • Candidate must have familiarity with regulatory requirements, such as NERC/CIP, NIST SP 800, SOX, etc.

Desired:

  • Experience with scripting in Perl/Python/Ruby/PowerShell
  • Experience with network and desktop-based and server-based forensics
  • Malware reverse engineering skills

Education Required:

  • Bachelor's degree in Computer Science or related field, or equivalent work experience



Vinay Dabas | Team-Recruitment | Mindlance, Inc. | Office: (732)-504-6113 | vinayd@mindlance.com
Hoboken, NJ