Monday, May 27, 2019

Security Threat Analyst

Position Summary
Currently located in Concord, CA, this position is in our Security Intelligence and Operations Center and is responsible for monitoring, detecting, and responding to cybersecurity activity across telecommunication and data computing infrastructure.
Response could include but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units.
This position is on one of three shifts and requires the ability to think analytically, work collaboratively, and document all work being performed.
Responsibilities:
• Monitor incoming event queues for potential security incidents; identify and act on anomalous network activity
• Perform initial investigation of potential security incidents and triage to senior analysts with proper documentation
• Perform hunting for malicious activity across the network and digital assets
• Perform detailed investigation and response activities for potential security incidents
• Ability to perform payload analysis of packets
• Ability to detonate malware to assist with threat research
• Recommends implementation of counter-measures or mitigating controls
• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
• Assist in mentoring junior staff in cybersecurity techniques and processes
• Assist in creation and continuous improvement of standard operating procedures used by the SIOC
• Monitor external event sources for security intelligence and actionable incidents
• Must comply with any regulatory requirements 
Qualifications:
**LOCAL CANDIDATES ONLY**
**TOP THREE** The top three things we are looking for are:
1. Prior Security Operation Center (SOC) experience
2. Strong networking skills
3. Event Monitoring / Incident Response
Minimum Qualifications:
• Bachelor's degree in Computer Science or related field, or equivalent work experience
• 2 years of relevant work experience within security information technology
• Experience in network security monitoring, network packet analysis and/or host forensics
• Good networking knowledge – TCP/IP protocols, OSI model, Firewalls and other networking devices
• Strong customer service skills and decision-making skills
• Good analytical skills – ability to analyze and think out of the box when working a security event
• Self-motivated, methodical and detail oriented
Desired Qualifications:
• Utility Industry experience
• Formal IT Security/Network Certifications such as: CompTIA, SANS GIAC, ISC², CCNA
• Prior SIEM experience – Security Information & Event Management system, log aggregation and event notification tool such as IBM QRadar
• Extensive experience with well-known industry as well as open-source network and/or host forensic tools
• Familiarity with scripting languages such as Python, Perl, PowerShell 

Best,
-- 
Spenser Bradley
Account Manager
 
Randstad Technologies
1545 River Park Drive, Suite 501
Sacramento, CA 95815
T  916 256 3696 
M  916 402 5838
Spenser.Bradley@randstadusa.com