Tuesday, June 30, 2020

SOC Analyst

Title: SOC Analyst

Location: Atlanta, GA

Duration: Contract

JD

Job Responsibilities:

Monitoring: monitoring the email queue, ticket activity, alerts in the SIEM, and escalations from vendors, CTI teams, CSIRT and other teams. The purpose would be to ensure all escalations to L3 are quickly received, acknowledged, and actioned. The monitoring on the technical level would require reviewing alerts, activity, indications of infections and other security triggers to determine whether something malicious is occurring in the environment. This would require familiarity with various security products (e.g. SIEM, EDR, proxies, firewalls, etc.) as well as familiarity with attack methodologies.

Investigation & Analysis: the candidate should be versed in malware analysis, should know how malware is written (the essential building blocks of how malware code is engineered and what it usually contains), its manner of execution, its lifecycle (across various MAF tactics & techniques) and how it escalates. Should know sandboxing concepts thoroughly and should have at minimum an intro-level understanding of reverse engineering concepts. This means the candidate should know import tables, library function calls, persistence, lateral movement methods, etc. The candidate should also be familiar with Windows System Internals (how the Windows OS functions).

Threat Hunting:
The candidate should have a general investigative mindset and think like an investigator, asking the deeper questions to draw context, purpose, rationale, and logic as to why the author/payload performed its operation. The candidate should know how to search and parse/sort through data sets such as process executions, DNS calls, network connections, services installed, and registry changes made on a system, and know how to hunt for those particular datasets, whether those are event logs, DC logs, authentication logs, netflow logs, sysmon logs, etc. The hunter should be able to form hypotheses as to what a particular event (or set of events) may indicate, know how to prove/disprove the hypothesis, and know how to pivot and establish consequential hypotheses from the results.

Communication:
The candidate should have good communications skills, write clearly and to the point, be able to deliver content based on the audience it is intended for, have a generally good command of the English language.

General:
The candidate should have a generally positive attitude, be driven, be a team player, seek creative ways to contribute to the team and effort, be available and resourceful, and be an independent thinker for the most part.


Priyanshu Kumar

IDC Technologies Inc.
Desk: 408-290-6336

Text:  315-933-4046

Mailto: priyanshu.kumar@idctechnologies.com

Wednesday, June 24, 2020

Cyber Security Forensic Analyst

Title: Cyber Security Forensic Analyst
Location: Austin, TX (with the current situation, initially they will start remote)
Duration: 6 Months


Job Description:
IBM is seeking a Cyber Security Forensic Analyst professional to work on the Cyber Security Incident Response Team (CSIRT). This position requires a strong technical security professional, who will be responsible for conducting highly technical and confidential investigations (e.g. data loss, advanced persistent threats, malware analysis, etc.).
 
The role will be responsible for conducting forensic investigations and analysis in support of cyber incidents that are reported to the CSIRT team. This role will require the ability to triage and conduct thorough examinations of all types of digital media within a heterogeneous environment, the ability to determine containment and/or remediation activities that may be required, as well as to identify potential threats. Reporting and collaborating with the different areas of the business will be required, as well as providing relevant lessons-learned output that can be fed into the IBM threat landscape.

 

Required:
• At least 5 years of experience in IT Security Digital Forensics
• At least 2 years of experience in Incident Response in a global corporate enterprise


Required Knowledge, Skills and Abilities
• Demonstrated computer forensic investigations experience.
• Expert-level knowledge of common attack vectors and penetration techniques.
• Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS, encryption.
• Demonstrated knowledge of forensic tools such as Encase, FTK, Axiom, Black Bag, SIFT.
• Experience with malware analysis (reverse engineering).
• Excellent technical writing and presentation skills.
• Excellent general writing skills in presenting information in a non-technical manner; Business Case construction, Proposals, and Plans.
• Ability to successfully lead and facilitate information gathering meetings with client senior-level employees.
• Event analysis and correlation.
• Experience managing large and small scale cyber security incidents.
• Ability to coach and train junior-level analysts in industry best practices and methodologies.
• An ability to understand and correlate strategic decisions/methodologies into their practical application at an operational level.
• Demonstrated understanding of database structures and SQL.
• Experience with Linux operating systems.

Essential Duties and Responsibilities
• Conduct examination of digital media (hard drives, network traffic, mobile phones, etc.).
• Capture / analyze network traffic for indications of compromise.
• Review log-based data, both in raw form and utilizing SIEM or aggregation tools.
• Employ best practices and forensically sound principles such as evidence handling and chain of custody.
• Perform live network assessments using leading packet capture and analysis software tools.
• Establish timelines and patterns of activity based on multiple data sources.
• Identify, document and prepare reports on relevant findings.
• Utilize varied forensic software such as FTK, Encase, IEF, etc.
• Effectively communicate with clients to establish timelines, manage expectations, and report findings.


Preferred:
• Certified in EnCE, CFCE, CCE, DFCP, GCIA, GCIH, GREM, CSIH
• Strong understanding of networking protocols.
• Experience in fast-paced investigations. 
• Experience with programming or scripting languages.
• Familiarity with the QRadar SIEM tool is a plus.
• Demonstrated system administration skills.
• Ability to present highly technical information to non-technical audiences

Sachin Bhardwaj
Technical Recruiter
HMG America LLC

P:(732)645-1851

Email: sachin@hmgamerica.com

https://www.linkedin.com/in/sachin-bhardwaj27/  

Wednesday, June 17, 2020

Network Security

Title: Network Security Palo Alto Contractor: SVBJP00002837
Location: Remote, Tempe, AZ
Duration: 6+ Months
 
Job Responsibilities:
This role will report to the Network Security Manager. Their primary focus will be to work through operational tasks and project teams on firewall change needs.
 
Job Duties:
Audit the firewall rule base and identify specific remediation actions based on the following criteria:
- Ensure that firewall requests adhere to policy and standards
- Complete business firewall requests within the department's service level agreements (SLAs)
- Complete URL requests within the department's service level agreements (SLAs)
- Help provide firewall subject matter expertise to project teams
- Help with implementing firewall upgrades and occasional weeknight and weekend firewall changes
- Plan, coordinate, and execute modifications to the Client's firewall rule base in a production environment without causing adverse impact to the enterprise
- Work with internal teams to validate the proposed changes, coordinate testing, and ensure that our rules are configured to permit least privilege
- Utilize our internal firewall policy management and logging tools to ensure our risk scores improve and our changes are non-impactful
 
This individual should have expertise working with Palo Alto firewalls and preferably Zscaler. They will be responsible for adhering to the Client's change control advisory process and should work well with little to no supervision.



Ajay Thakur
Sr. Technical Recruiter
Shimento Inc
1700 N Broadway, San Jose, CA 97596
Phone: (510) 679-3320 Ext.121
Email: Ajay.t@shimento.net

Monday, June 8, 2020

Information Security Analyst

Title: Information Security Analyst
Location: Sunnyvale, CA
Duration: 6+ months
Client: Direct Client
 
This information security analyst will understand ***'s governance, risk and controls strategy for information security and product security and will be responsible for documenting the security policies, security procedures, product architecture topology diagrams and data flows, security controls definition and implementation details. This person will also closely work with the security and product engineering staff members to assess the current state and maturity of various controls, find gaps and define roadmap to address those gaps. The analyst will mainly focus on security-related documentation required for internal and external/audit consumption to obtain industry certifications like PCI-DSS compliance, ISO 27001, SOC2 and SOC3 certifications and other similar regulatory certifications. This person will also focus on enabling *** to be an integral member of Cloud Security Alliance (CSA) and submit the self-assessment documents.

The analyst must have a deep understanding of the technologies, tools and architecture related to Threat and Vulnerability Management, DevSecOps, customer-facing IAM, employee-facing IAM, infrastructure security, data security and security intelligence involving SIEM tool implementation and SOC functions. Excellent verbal and written communication skills are required. The security analyst should have a deep understanding of the business context of IaaS, PaaS and SaaS cloud offerings and what it takes to secure these product offerings. The analyst should also be able to translate the security implementation into risk and governance language for consumption by legal, privacy, internal audit and external auditors. The analyst should also understand the NIST and COBIT control frameworks and should have prior experience helping an organization go through the certification process for certifications like ISO 27001, SOC2, etc. Knowledge of and experience in ITSM business processes and the corresponding documentation is required.
 

Mayuri Shende
mayuri@amiseq.com
(408)-503-6899/(724)-740-9637
https://www.linkedin.com/in/mayuri-shende-80700b176/
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Friday, June 5, 2020

Security Network Engineer

Role: Security Network Engineer


Location: Dallas, TX

Duration: 12+ Months

 
Requirements: 
A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent. 
Have at least 5 complete years of relevant working experience with implementation / deployment / securing global and enterprise networks. 
Strong experience in the field of cyber security in LAN, WAN, and information technology, with a focus on detecting, monitoring and controlling network equipment and processes using:
- Firewalls / Routers / Switches (e.g. Palo Alto, Juniper, Cisco)
- VPN / IPsec (e.g. Palo Alto)
- Load Balancers (e.g. F5)
- Network Access Controller
- Application Software (e.g. Syslog / Trap)
- Network Tools (e.g. Wireshark, tcpdump, iperf)
- Operations Support Systems (e.g. Nagios, Zabbix, PRTG, CMDB)
- Business applications (e.g. ServiceNow, Jira)
- Configuration management (e.g. Linedancer)
- Analysis Tools (e.g. Elasticsearch, Kibana, Logstash)
Experience and knowledge of traditional security controls and technologies, such as:
- Security Information and Event Management (SIEM) systems
- Intrusion Detection/Prevention Systems (IDS/IPS)
- Public Key Infrastructure (PKI)
- Identity and Access Management (IDAM) systems
- Antivirus software and firewalls
- Privilege/vulnerability and threat management
In addition to newer offerings such as:
- Endpoint Detection and Response (EDR)
- Information Protection
- Cloud Security (AWS/Azure)
- Threat Intelligence Platforms
- Security Automation and Orchestration
- Deception technologies and application controls
Well-rounded knowledge of system and network security techniques and standards, NIST CSF, 800-53, 800-42.
Knowledge in penetration testing, networks and operating systems would be an added advantage. 
Demonstrates understanding of project management processes, including the planning of action items and resources, including RFI/RFP. 
Able to communicate developed technology solutions, expresses the importance of an effective implementation and develops implementation plans. 
Certifications in Information Security and IT disciplines such as MCSE, RHCE, CISSP, CEH, Network +, etc. 
Experience with system communications protocols (TCP/IP, UDP/IP, HTTP, FTP, SFTP, BGP, OSPF).
Experience in Python, Bash, and PowerShell is preferred; C, C++, Visual C, Java, JavaScript, and SQL are nice to have. Creative and independent, with good problem-solving skills.
Strong analytical, interpersonal, communication and writing skills. Willingness to travel on overseas assignments as the need arises.


 
Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Monday, June 1, 2020

Security Engineer

Title: Security Engineer

Location: Media, PA (remote for now until Covid travel restrictions are lifted; after that it needs to be onsite)

JD

• Static security code scans using Coverity, Gymnasium, etc.
• Static container security scan pipelines using Twistlock
• Run-time application intrusion detection threat modelling, specifically at the API service layer
• Run-time security monitoring operationalization
• Static code scans on open-source libraries within Artifactory
• Define and enforce security quality gates and create a technical backlog
• Liaise with the INFOSEC team in addressing security backlog items

Priyanshu Kumar

IDC Technologies Inc.
Desk: 408-290-6336

Text:  315-933-4046

Mailto: priyanshu.kumar@idctechnologies.com

Solution Architect

Role: Solution Architect
Duration: 12+ month Contract
Location: San Francisco, CA
 
Position Summary
As a Cybersecurity Solutions Architect in the Cybersecurity Architecture team, you will be responsible for the development and implementation of repeatable and practical solutions to support the secure design and delivery of technology platforms to protect PG&E against cyberattacks.
In this position, you will be particularly responsible for the architecture and design of interoperable platforms to implement effective security controls and to meet compliance requirements.
Some solutions will also support physical security requirements.
You will be expected to lead technology integration efforts for cybersecurity platforms and solutions, and to work with information and operational technology leaders to ensure that controls against cyberattacks are built into solutions and major initiatives.
You will be expected to ensure that security requirements are met in an efficient, sustainable, adaptable, and reusable manner.
You will be collaborating with multiple teams, both within the Security department and with other PG&E lines of business.
 
Job Responsibilities
Your roles and responsibilities will broadly encompass solution architecture and design as well as solution integration. Strategy and tactics are complementary and equally important, with both top-down and bottom-up analysis required depending upon individual circumstances. You will be exposed to all levels of architecture and design in this role.

Solution Architecture and Design
• You will leverage your application and network expertise to provide cybersecurity solution engineering and oversight through the deployment lifecycle for security solutions.
• You will actively engage with IT and LOB network and systems engineering teams to ensure that security best practices are incorporated into deployed platforms.
• You will identify deficiencies in existing design patterns and propose new design patterns based on the realities of the PG&E environment.
• You will engage with risk consultants to ensure that solutions will mitigate cyberattack risks.

Solution Integration
• You will ensure that deployed solutions meet PG&E security standards.
• You will develop solution blueprints for projects and initiatives.
• You will create and update technical infrastructure specifications and build documentation for projects and initiatives.
• You will determine requirements for each stage of testing during the project lifecycle.
• You will create a service introduction plan for each project that you support.
• You will interact with Cybersecurity Services (engineering team) to determine project deployment plans.
• You will participate in processes to govern the introduction and lifecycle of security technologies.
 
To be successful in this role, you will need to demonstrate the following skills and attributes:
• Foremost, a collaborative and mutually supportive attitude with architecture team members.
• Flexibility within numerous changing situations, working with individuals and groups.
• The ability to change ideas or perceptions in response to changing circumstances.
• Focus on customer service with the attitude of delivering excellent outcomes.
• Thinking strategically and tactically about business, product, and technical challenges.
• Courage to speak up to identify gaps and problems.
• Comfort with ambiguity and large, complex technology environments.
• Ability to prioritize, multi-task, and plan around deadlines.
• Striking the right balance between operating independently and following established standards and procedures.
• Effective analysis and problem-solving skills, often under deadline pressure.
• Effective and polished verbal and written communication.
• Commitment to quality design and implementation.
 
Qualifications:
Minimum: Prior PG&E experience is preferred.
• Six years in IT including experience in solution architecture and project implementation experience.
• B.S. degree or equivalent work experience in computer science, computer engineering, business administration, or related field; or equivalent experience.
 
Desired:
• At least one relevant certification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
• Exposure to and basic understanding of the solution architecture discipline, processes, concepts and best practices.
• Experience with operational support for applications, systems, or infrastructure.
• Demonstrated knowledge of technological trends and developments in cybersecurity.
• Knowledge of cybersecurity technologies and products deploying those technologies.
• Knowledge of regulatory requirements (including but not limited to HIPAA, SOX, NERC-CIP, TSA, CCPA, other privacy legislation).
• Experience providing direction to design and engineering staff.

Akash
Technical Recruiter
Desk: 408-503-6887