Friday, March 15, 2019

Cyber Security Incident Response Analyst

Job Title: IT - Cyber Security Incident Response Analyst
Location: Concord, CA
Position Type: Contract
Duration: 6+ Months
Notes: 100% onsite Role

Job Description
Position Summary

Currently located in Concord, CA, this position is in our Security Intelligence and Operations Center and is responsible for monitoring, detecting, and responding to cybersecurity activity across ***’s telecommunication and data computing infrastructure. Response could include but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units. This position requires the ability to think analytically, work collaboratively, and document all work being performed.

Responsibilities
• Monitor incoming event queues for potential security incidents; identify and act on anomalous network activity
• Perform thorough analysis of APT/nation-state attacks and anomalous network behavior
• Detailed analysis, documentation, and strong understanding of the attack vectors, persistence mechanisms, and detection avoidance tactics
• Perform proficient forensic analysis using security tools and monitoring systems to Client the source of anomalous security events
• Perform hunting for malicious activity across the network and digital assets
• Perform detailed investigation and response activities to assist in identification, containment, eradication and recovery actions for potential security incidents
• Analyze complex malware through endpoint and network traffic forensics to determine if *** systems are impacted
• Develop innovative monitoring and detection solutions using *** tools and other skillsets such as scripting
• Work with the Security engineering team to analyze SIEM use cases
• Recommend implementation of counter-measures or mitigating controls
• Ensure all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time-sensitive environment
• Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activity
• Mentor junior staff in cybersecurity techniques and processes
• Create and continuously improve standard operating procedures used by the SIOC
• Monitor external event sources for security intelligence and actionable incidents
• Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the IT organization as well as business units
• Must comply with any regulatory requirements

Quals--
*LOCAL CANDIDATES ONLY*

TOP THREE: The 3 things we are looking for are:
1. Prior Incident Response experience
2. Memory forensic analysis experience
3. Strong networking skills

Minimum Qualifications
• Bachelor's degree in Computer Science or related field, or equivalent work experience
• 6 years of relevant work experience within security information technology
• Prior experience in a Computer Incident Response Team (CIRT)/Computer Emergency Response Team (CERT), or a Security Operations Center (SOC)
• Extensive experience in network security monitoring, network packet analysis, host and server forensics

Desired Qualifications
• Utility Industry experience
• Prior SIEM experience – Security Information & Event Management system, log aggregation and event notification tool such as IBM QRadar
• SANS certification such as GREM, GCFA, GREM, GNFA, ENCE or related
• Familiarity with regulatory requirements such as NERC/CIP, NIST, SOX etc.
• Extensive experience in industry well known as well as open source Network and/or Host forensic tools

Knowledge, Skills and Abilities
• Strong technical skills including malware reverse engineering, memory forensics, live response techniques, registry analysis
• Strong networking knowledge – TCP/IP protocols, OSI model, Firewalls and other networking devices
• Strong case management and forensic procedural skills
• Strong customer service skills and decision-making skills
• Good analytical skills – ability to analyze and think out of the box when working a security event
• Experience with scripting languages such as Python, Perl, PowerShell
• Self-motivated, methodical and detail oriented



Soma Venu, Talent Advocate
Global Technical Talent, Inc. - All current GTT Openings
233 Vaughan Street, Suite 102
Portsmouth, NH 03801
Ph: (603) 516-4421 / Fax: 800-775-3135
svenu@gttit.com / www.gttit.com

GIS Data Security Engineer



Job Title: GIS Data Security Engineer

Contract Duration: 9 Months Contract (Possibility of Extension)

Location: Orchard-L1, San Jose, California, USA 95131

Client: E-Bay


Job Description:
·         Client operates one of the world’s largest and most innovative online marketplaces. We are looking for a person with passion for Information Security. This position will work directly with teams inside and outside of Global Information Security (GIS) as part of our overarching security strategy at the Inc level.

What we are looking for
·         The ideal candidate will have a passion for designing and building reliable, scalable and maintainable data-intensive distributed systems using open source, processing data at internet-company scale and managing world-class data pipelines to power real-time incident detection, investigation, response, threat intelligence mining and security research. As a Security Data Engineer, you will be expected to be skilled at software design and software engineering of distributed systems, data streaming and batch processing. You must be knowledgeable and experienced in secure coding practices and the secure Software Product Lifecycle (SPLC) process. And last but not least, you must have a passion for learning and trying new technologies.

Roles & Responsibilities
·         Preserve client customer trust
·         Think customer first
·         Demonstrate extreme ownership
·         Fail fast and learn fast
·         Know when to lead and know when to follow
·         Support your team
·         Design, implement and deploy data intensive applications on a global scale
·         Be proactive in identifying and solving operational issues
·         Monitor and evaluate application performance
·         Provide technical inputs, evaluate and recommend new ways to improve reliability, scalability and maintainability of the application
·         Build data pipelines, ETL, and management of high volume data across distributed systems.
·         Research, analyze, and formulate recommendations regarding technologies, products, and solutions to fulfill customer requirements within the enterprise.
·         Have fun doing it

Minimum Qualifications


· BS or MS in computer science or related fields

· Experience of working within product development teams and usage of tools like GitHub, Jenkins (and Jira)

· Hands on experience with threat/anomaly detection and prevention systems/tools

· Professional experience with developing and deploying production level code in Java

· Experience in administering Big Data systems and related technology (Hadoop (Horton) and Elastic (ELK))

Preferred Qualifications
·         BS in Computer Science or related field with 3+ years of experience or MS in Computer Science or related field with 2+ years of experience
·         Experience in troubleshooting issues in complex, distributed, multi-tier architectures.
·         Experience with building data intensive distributed systems
·         Experience in security engineering and operations related to threat detection systems/tools
·         Experience with any of Apache Kafka, Hive, Hadoop
·         Experience in handling analytics on large data sets
·         Experience with Elasticsearch (ELK stack)
·         Experience in DevOps and Infrastructure as Code (Saltstack, Puppet)
·         Experience in developing and deploying in Docker/Containers on Kubernetes
·         Experience in software development using Python, Go, SQL

AKVARR Inc.
Talent Solutions
IT Consulting & Engineering
Agile Project Management
Workforce Management
Kandala Abhilash
Talent Acquisition Specialist
Direct: 240-345-0278

Sr Information Security Risk Analyst

Job Title:          Sr Information Security Risk Analyst
Duration:          6 Months (could go contract to hire)
Location:          Pasadena, CA
Start:                 ASAP
Pay Rate/Hr:    $65 - $85/hr (may be flexible for the right person)

Our client is looking for a highly technical information security risk analyst focused on methodically managing risk within the company. You will be responsible for evaluating and documenting control implementation with regard to FedRAMP and ISO 27001 requirements, assisting with internal security reviews, and working with internal teams to address compliance and audit issues.

Job Duties Include:
 Participate in evaluating SaaS-based Platform & Service offerings against FedRAMP Moderate control baseline and provide support for on-going compliance testing and reporting.
Participate in Internal audits of Corporate Systems and Third-Party Vendor Services.
Routinely analyze and report on the state of key controls reviewed as part of the Continuous Monitoring Plan (ConMon).
Ensure compliance with risk-based governmental and industry standards and security compliance frameworks such as FISMA, FedRAMP, ISO 27001, BSI C5, and SSAE 16 SOC 2 Type II.
Assist in tracking Corrective Action Plans (CAP’s) and Plan of Actions and Milestones (POA&Ms) towards remediation.
Provide support for corporate information security, compliance & risk management projects and processes.
Enhance existing processes via process engineering and workflow automation.

Required Qualifications:
Deep knowledge of NIST SP 800-53 rev 4, Moderate Impact Systems and FedRAMP-Defined Assignment and Selection Parameters and control testing.
Deep knowledge of ISO-27001 standards and control testing.
Experience applying general security and risk management concepts to globally deployed cloud-based SaaS platform.
Experience with managing and supporting an Enterprise Risk Management Lifecycle, Processes and Procedures.
Experience with managing risks associated with Third-Party Vendor Cloud Service integrations.
Experience with participating in Disaster Recovery Planning and Management in an Information Security, Compliance or Risk Management supporting role.
Experience in preparing and managing compliance auditing workpapers such as document request lists, standard test cases and audit test plans.
Ability to articulate compliance standards and specifications to technical and non-technical audiences to assist in the design of technical controls to meet regulatory requirements
U.S. Citizenship is required

Preferred Qualifications:
Ability to work and effectively prioritize in a highly dynamic work environment.
Experience using Atlassian Jira for team workload assignment and prioritization.
Experience balancing multiple Key Priority Initiatives (KPI’s) and workload assignments through Scrum or Kanban project management.
Experience using SumoLogic or similar solutions for Security Audit and Compliance Analysis and management reporting.
Experience configuring, managing and providing support for GRC or IRM tools such as Archer, ZenGRC or RSAM.
CISSP, CISM, CRISC, CISA or ISO Lead Implementor Certification.

Andy Ballantyne
Sr Technical Recruiter
Calance
800-732-4680 x709

aballantyne@calance.com

CSIRT Analyst

Title: CSIRT Analyst
Location: San Jose, CA
Duration: Long-Term Contract

Description:
  • Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
  • Must demonstrate expert knowledge in one (1) or more of the following areas:
  • Vulnerability Assessment and Pen Testing, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Encryption, Web-filtering, Advanced Threat Protection, Email Security, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis.

Core Job Functions Include:
  • Investigations – Investigating computer and information security incidents to determine extent of compromise to information and automated information systems
  • Escalations – Responding to escalated notable events from security tooling to develop/execute security controls and defenses/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
  • Research – Researching attempted or successful efforts to compromise systems security and designing countermeasures.
  • Education – Maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
  • Communications – Providing information and updates to shift leads, creating pass-downs for the next shift, working closely with supporting teams, providing feedback for new security policy and standards, and engaging with other teams and adjacencies through email and conference calls.
  • Digital Forensics – As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law
  • Coverage – Must be willing to perform shift work, weekends, and holidays as well as participate in a rotating shift consisting of four (4) 10 hour shifts with four days on, three (3) days off and possible rotations across Day, Swing, and Graveyard shifts as needed.

To be successful in this position, you should be proficient with:
  • Incident Response – Getting people to do the right thing in the middle of an investigation.
  • Offensive Techniques – Penetration testing, IOCs, and exploits at all layers of the stack.
  • Logs – You should be comfortable with a SIEM to be able to gather and analyze logs to recreate incidents and hunt for threats.
  • System Forensics – Basic understanding of image acquisition techniques, memory forensics, and the like.
  • Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and Wireshark/TCPDump.
  • Scripting – Should be familiar with scripting in at least one of the following: Python, Perl or a similar language.
  • Risk Analysis – Taking a vulnerability in a particular environment and understanding the practical associated risk.

Qualifications:
  • Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
  • Minimum three (3) years of professional experience in incident detection and response, malware analysis, or digital forensics.
  • Must have at least one (1) of the following certifications:
  • SANS GIAC: GCED, GCIA, GPEN, GWAPT, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON, GCIH
  • ISC2: CCFP, CCSP, CISSP
  • Cisco: CCNA, CCNP
  • CERT: CSIH
  • EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH
  • Offensive Security: OSCP, OSCE, OSWP and OSEE
  • Digital Forensics: EnCE, CB, MiCFE, ACE, GCFA, GCFE

In addition, minimum of one (1) year of specialized experience in one or more of the following areas:
  • Security Assessment or Offensive Security
  • Application Security
  • Security Operations Center/Security Incident Response
  • Cyber intelligence Analysis

Sri Vardhan
Tel:619-363-6566


Analyst with Cisco Customs Experience

Job Title - Analyst with Cisco Customs Experience
Location - San Francisco, California
Job Description: 
 
  • Analyst with Cisco Customs Experience - (Tax, Broker Validation etc)
  • Cisco experience is a must

 

Rakesh Kumar
408-722-9438

Information Security Manager, GAP

Position Details:
Client: GAP
Title: Information Security Manager
Location: San Francisco CA
Duration: 12+ Month Contract with high possibility of extension

Job Description:
  • Lead the development, implementation and evaluation of Gap Inc.’s information security program and risk minimization programs to maintain customer trust.
  • Bachelor’s degree in Computer Science, Information Technology or a related technical discipline
  • 5+ years of relevant business experience in Information Security and GRC
  • Strong working knowledge of Key Performance Indicators and security metrics
  • Ability to develop structure, advance execution, and measure performance within various and complex projects, teams, and environment
  • Experience working with information security laws, regulations and standards (e.g. NIST, ISO 27001/27002, PCI DSS, GDPR, SSAE 16, CIS Critical Security Controls) and accepted information security principles and best practices.

Jayalakshmi Prakash
Technical Recruiter
T: (415) 678-1297

Tuesday, November 20, 2018

Engineer

Job Title: Engineer
Location: San Diego, CA
Duration: 6 Months (Possible Extension)

Overview
Client CDMA Technologies, a.k.a. QCT - http://www.qualcomm.com/qct/, is the world leader in wireless ICs powering the majority of 3G & 4G devices, is the largest fabless semiconductor company in the world, and is consistently ranked near the top of Fortune's list of 100 Best Companies to Work For. The PHY systems team is looking for a post-silicon validation & tools development engineer. The successful candidate will support SQL database development of DDR settings and overall DDR triage tool development using Python, Perl. DDR HW validation (Bench probing, ATE, SW) background a plus. All Qualcomm employees are expected to actively support diversity on their teams, and in the Company.
 
Minimum Qualification
1+ years hands-on development using: SQL database, Perl, Python, Microsoft Excel and general DB expertise
 
Preferred Qualification
3+ years of experience with C/C++ coding
 
Education
Required: Bachelor's, Computer Engineering and/or Computer Science and/or Electrical Engineering
Preferred: Master's, Computer Engineering and/or Computer Science and/or Electrical Engineering
 
 


Jeremy Williams
E TalentNetwork
http://etalentnetwork.com
8251 Greensboro Drive Suite 250
McLean, VA
jeremyw@etalentnetwork.com
(877) 733-3555 Ext.242