Sunday, February 4, 2018

Cyber Security Threat Analyst

Title: Cyber Security Threat Analyst/Specialist
Location: Concord, CA, 94518
Duration: 5 months
Required:

  • IBM QRadar SIEM
  • EnCase forensics analysis tool
  • ProofPoint
  • IDS / IPS
  • Palo Alto firewalls
  • Open source security tools such as Suricata and the SANS SIFT workstation
  • Open source forensics tools – Volatility etc.
  • Security event and information management system – log aggregation and event notification
  • Network packet analysis (PCAP analysis) – analyzing network packets for malicious / suspicious activity
  • Wireshark experience (open source network packet analysis tool); WCNA a plus
  • WCNA – Wireshark certification
  • Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert.
  • Memory analysis – Ability to analyze physical memory collected from computer using open source or paid application
  • Good analytical skills – ability to analyze and think out of the box when working a security event
  • Experience with IBM QRadar a plus – IBM QRadar is the SIEM the client has deployed and is using
  • Good knowledge of TCP / IP protocols, ability to differentiate various layers in networking.
  • Any GIAC certifications a plus.
  • These are SANS (industry well known security course provider) certs such as GMON, GSEC, GCIH etc.
Qualifications:
  • Bachelor's in Computer Science or a related discipline, or equivalent experience
  • Certified Information Systems Security Professional (CISSP) certification
  • Experience in Information Technology (IT)
  • 6 years of extensive experience in analyzing network packet capture data using tools such as Wireshark
  • Experience performing computer forensics and memory analysis using industry standard and open source tools
Desirable:
  • Prior SIEM experience – security event and information management system, log aggregation and event notification
  • Network packet analysis (PCAP analysis) – analyzing network packets for malicious / suspicious activity
  • Endpoint forensics – ability to perform full investigation / forensics of an endpoint / end user machine as a result of a security alert

Responsibilities: 

  • Acts as a subject matter expert in area of field. Leads moderately to highly complex projects, which may be cross-functional.
  • Analyzes complex malware/exploits through forensics, observation of network traffic and using other tools and resources to determine if client’s systems are vulnerable.
  • Leads development of framework for implementing tools and processes to improve quality and timeliness of reports.
  • Expert in area of field and applies extensive knowledge of concepts, principles, and practices.
  • Codes complex tasks that integrate systems, produce reports or provide output that can be leveraged by other team members or systems.
  • Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events.
  • Assists in performing basic research internally and externally.
  • Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools.
  • Develops a strategy to implement work in department. 

Kanika Anand
Spectraforce Technologies Inc

Kanika.anand@spectraforce.com