Tuesday, December 19, 2017

IT Security Analyst

Position Title: IT Security Analyst
Position Number: 273362
Location: Concord, CA
Desired Skill Set:
Analysis, Analytical Skills, TCP/IP
Position Description:
Title: Sr Cyber Security Threat Analyst/Specialist
Location: Concord, CA 94518

• Bachelors in Computer Science, or related discipline, or equivalent experience.
• Certified Information Systems Security Professional (CISSP) certification.
• Experience in Information Technology (IT), 6yrs.
• Extensive experience in analyzing network packet capture data using tools such as Wireshark.
• Experience performing computer forensics and memory analysis using industry standard and open source tools.
• Desirable - Prior experience working in a 24x7 security operations center.

Keywords and experience in candidates resumes:
Prior SEIM experience – Security event and information management system, log aggregation and event notification Network packet analysis (PCAP analysis) – Analyzing network packet for malicious / suspicious activity Wireshark experience and WCNA ( a plus) - Open source network packet analysis tool , WCNA – wireshark certificate. Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert. Memory analysis – Ability to analyze physical memory collected from computer using open source or paid application Good analytical skills – ability to analyze and think out of the box when working a security event Experience with IBM QRadar a plus – IBM QRadar is the SEIM company has deployed and is using. Good networking knowledge – Good knowledge of TCP / IP protocols, ability to differentiate various layers in networking. Any GIAC certifications a plus – These are SANS (industry well known security course provider) certs such as GMON, GSEC, GCIH etc. Tools (for associate the below tools in their resume will be a huge plus, for career and above I expect to see at least one of these below IBM QRadar SEIM Encase – Forensics analysis tool ProofPoint IDS / IPS Palo Alto Firewalls Open source security tools such as Suricata, SANS SIFT workstation, Open source forensics tools – Volatility etc.

• Acts as a subject matter expert in area of field.
• Leads moderately to complex projects which may be cross functional.
• Analyzes complex malware/exploits through forensics, observation of network traffic and using other tools and resources to determine if systems are vulnerable.
• Leads development of framework for implementing tools and processes to improve quality and timeliness of reports.
• Expert in area of field and applies extensive knowledge of concepts, principles, and practices.
• Codes complex tasks that integrate systems, produce reports or provide output that can be leveraged by other team members or systems.
• Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events.
• Assists in performing basic research internally and externally.
• Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools.
• Develops a strategy to implement work in department.

Comments/Special Instructions
Manager is looking for good process documentation skill / experience. NERC access is required for this position
Santon Kumar
Associate Recruiter
Phone: (636) 812-4000, Ext.: 6794 | Fax: (636) 812-0078
E-mail: sykumar@roseIT.com