Thursday, December 4, 2014

CYBER Incident Response Lead

My name is Jason and I'm an IT recruiter at Mondo, the nation's premier Digital Marketing and IT resourcing agency. For over 13 years, the world’s most prestigious companies have turned to us to provide their IT and digital marketing departments with the most critical resource: people. We thrive on the kind of change that disrupts, rewrites the rules, and demands action at a moment’s notice. Our expertise in the industry allows us to match major companies with top talent, and we want you!

There is immediate need for your expertise at one of our clients and I think you could be a great fit! Please review the job description below and let me know what you think. Is this a role you’re interested in hearing more about? 

If so, send me your most up to date resume in a Word document! 

OPPORTUNITY: CYBER Incident Response Lead
LOCATION: Collegeville, PA
INTERVIEW PROCESS: Phone Interview


Job Description
Responsible for responding to escalations, handoffs or alerts that meet a high severity criteria. The L2 Analyst investigates the network for threats based on vetted Intelligence and Indicator sources. They proactively identify detections and alerts resulting from their analysis and drive the adaptation of defenses. They enrich the investigation structure with detailed analysis and capture of perceived attacker tactics, techniques and

Basic Qualifications
Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. The Analyst is responsible for the following:
- Support to cyber security initiatives through both predictive and reactive analysis
- Coordination of resources during enterprise incident response efforts, driving incidents to resolution
- Employing advanced forensic tools and techniques for attack reconstruction
- Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks
- Review threat data from Client feeds and develop custom signatures for Open Source IDS or other custom detection capabilities
- Correlate actionable security events from various sources, including Security Information Management System (SIMS) data, and develop unique correlation techniques
- Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
- Develop analytical products fusing enterprise and all-source intelligence
- Conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding
Desired skills
- Incident handling experience
- Advanced understanding of networking, system
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
- Demonstrated experience with the LM-CIRT or similar Computer Incident Response organization
- Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-based Forensics, Network Forensics
- Experience with malware analysis concepts and

If qualified and interested, please send your most current resume as a Word document to Jason Weinstein.

Jason Weinstein
Technical Recruiter, Mondo
P: 646-230-0876
Philadelphia, PA 19103