Monday, February 12, 2018

Threat Analyst

Job Title: Urgent Job opportunity as IT Cyber Security Threat Analyst/Specialist at Concord, CA 
Company: Mindlance Inc. 

Title: IT Cyber Security Threat Analyst/Specialist 
Location: Concord, CA 
Duration: 6+ Months assignment (Can be extended) 


Expect to see at least one of these below: 
1. IBM QRadar SIEM, EnCase (forensics analysis tool), ProofPoint IDS / IPS, Palo Alto firewalls. Open source security tools such as Suricata, SANS SIFT workstation. Open source forensics tools – Volatility etc. 
2. Prior SIEM experience – Security information and event management system, log aggregation and event notification 
3. Network packet analysis (PCAP analysis) – Analyzing network packets for malicious / suspicious activity 
4. Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert. 

Some Other Skills: 
1. Memory analysis – Ability to analyze physical memory collected from a computer using open source or paid applications 
2. Good analytical skills – ability to analyze and think out of the box when working a security event 
3. Good networking knowledge – Good knowledge of TCP / IP protocols, ability to differentiate various layers in networking. 

1. Wireshark experience and WCNA (a plus) – Wireshark is an open source network packet analysis tool; WCNA is the Wireshark certificate. 
2. Any GIAC certifications (a plus) – These are certs from SANS (a well-known industry security course provider) such as GMON, GSEC, GCIH etc. Tools (for associate the below tools in their resume will be a huge plus, for career and above. 
3. Experience with IBM QRadar (a plus) – IBM QRadar is the SIEM PG&E has deployed and is using.