- 1 regular shift: Mon-Fri,
- 1 swing shift: Sat-Wed,
- 2 day shifts: Sat-Wed,
- Bachelor's degree in Computer Science or a related discipline, or equivalent experience
- 6 years in IT
- Experience in executing digital investigations and performing incident response activities
- Prior SIEM experience – Security information and event management system, log aggregation and event notification
- Network packet analysis (PCAP analysis) – Analyzing network packets for malicious / suspicious activity
- Endpoint forensics – Ability to perform a full investigation / forensics of an endpoint / end-user machine in response to a security alert
- Memory analysis – Ability to analyze physical memory collected from a computer using open source or commercial applications
- Good analytical skills – Ability to analyze and think outside the box when working a security event
- Good networking knowledge – Good knowledge of the TCP / IP protocols and the ability to distinguish the various networking layers
- Tools – For Associate level, listing the tools below on the resume is a huge plus; for Career level and above, at least one of the following is expected:
- IBM QRadar SIEM
- EnCase – Forensic analysis tool
- ProofPoint
- IDS / IPS
- Palo Alto firewalls
- Open source security tools such as Suricata, SANS SIFT Workstation, and open source forensics tools such as Volatility
- Background in using digital forensic tools including Guidance EnCase, SIFT Workstation, Volatility, and IEF
- Certified Information Systems Security Professional (CISSP) certification
- Wireshark experience; WCNA a plus – Wireshark is an open source network packet analysis tool; WCNA is the Wireshark certification
- Experience with IBM QRadar a plus – IBM QRadar is the SIEM that PG&E has deployed and is using
- Any GIAC certification a plus – These are SANS (a well-known industry security course provider) certifications such as GMON, GSEC, GCIH, etc.
Conducts computer forensics, registry and memory analysis to identify malicious activity. Analyzes complex malware/exploits through forensics, observation of network traffic, and other tools and resources to determine whether PG&E systems are vulnerable. Leads development of a framework for implementing tools and processes that improve the quality and timeliness of reports. Is an expert in the field and applies extensive knowledge of its concepts, principles, and practices. Codes complex tasks that integrate systems, produce reports, or provide output that other team members or systems can use. Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events. Assists in performing basic research internally and externally. Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools. Develops a strategy to implement work in the department.
Erica Mummert | Professional Recruiter | Insight Global, LLC