Job Title: IT - Cyber Security Threat Analyst/Specialist – Senior
Location: 1030 Detroit Ave, Concord, CA 94518
Duration: 5 Months contract
Job ID: 9615
Job Responsibilities:
· Acts as a subject matter expert in area of field. Leads moderately complex to complex projects, which may be cross-functional.
· Analyzes complex malware/exploits through forensics, observation of network traffic, and other tools and resources to determine whether PG&E systems are vulnerable.
· Leads development of a framework for implementing tools and processes to improve the quality and timeliness of reports.
· Expert in area of field and applies extensive knowledge of concepts, principles, and practices.
· Codes complex tasks that integrate systems, produce reports, or provide output that can be leveraged by other team members or systems.
· Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events.
· Assists in performing basic research internally and externally.
· Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools.
· Develops a strategy to implement work in the department.
Qualifications:
Minimum:
· Bachelor's in Computer Science or a related discipline, or equivalent experience; Certified Information Systems Security Professional (CISSP) certification
· 6 years of experience in Information Technology (IT)
· Extensive experience in analyzing network packet capture data using tools such as Wireshark
· Experience performing computer forensics and memory analysis using industry standard and open source tools
Desired:
· Prior experience working in a 24x7 security operations center
· Prior SIEM experience – security information and event management system, log aggregation and event notification
· Network packet analysis (PCAP analysis) – analyzing network packets for malicious / suspicious activity. Wireshark experience (open source network packet analysis tool) and WCNA (Wireshark Certified Network Analyst) a plus.
· Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert.
· Memory analysis – ability to analyze physical memory collected from a computer using open source or paid applications
· Good analytical skills – ability to analyze and think out of the box when working a security event
· Experience with IBM QRadar a plus – IBM QRadar is the SIEM PG&E has deployed and is using.
· Good networking knowledge – good knowledge of TCP / IP protocols, ability to differentiate the various layers in networking.
· Any GIAC certifications a plus – these are SANS (industry well-known security course provider) certs such as GMON, GSEC, GCIH, etc.
· Tools – for associate level, the tools below on a resume will be a huge plus; for career level and above, I expect to see at least one of these:
  – IBM QRadar SIEM
  – EnCase – forensics analysis tool
  – Proofpoint
  – IDS / IPS
  – Palo Alto firewalls
  – Open source security tools such as Suricata, SANS SIFT workstation
  – Open source forensics tools – Volatility, etc.
Regards
Pradeep.V
Recruiting Lead
Artech Information Systems LLC
360 Mt. Kemble Avenue, Suite 2000 | Morristown, NJ 07960
Office: 973-507-7539 | Fax: 973-998-2599
Email: pradeep.v@artechinfo.com | Website: www.artechinfo.com