Security Specialist (SE-10248)
We are seeking a Security Analyst into their new team who will responsible for a freshly started international Security Operation Center.
• Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databases
• Separate true threats from false positives using network and log analysis and escalate possible intrusions and attacks
• Initiate tickets, document, and escalate to higher-level security analysts
• Serve as the technical escalation point and mentor for lower-level analysts
• Regularly communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual
• Perform triage of incoming issues (assess the priority, determine risk).
• Work with customers to deploy hardware and software monitoring systems
• Maintain a strong awareness of the current threat landscape.
• Knowledge of and experience with intrusion detection/prevention systems and SIEM software
• Strong knowledge and understanding of network protocols and devices.
• Strong experience with Mac OS, Windows, and Unix systems.
• Ability to analyze event logs and recognize signs of cyber intrusions/attacks
• Ability to handle high pressure situations in a productive and professional manner.
• Ability to work directly with customers to understand requirements for and feedback on security services
• Strong knowledge of the following: SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS,
Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email
Security, Data Loss Prevention, Anti-Virus
• Fluent English both orally and written
• Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field or proved equivalent time and experience in cybersecurity
• Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas
• 2-4 years of hands-on SOC/TOC/NOC experience
• GCIA required. GCIH, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred
• Familiarity with tools such as IDA Pro, PEiD, PEview, Procmon, Snort, Bro, Kali Linux, Metasploit, NMAP, and Nessus
• Familiarity with GPO, Landesk, or other IT Infrastructure tools
• Understanding of programming/scripting languages and ability to run basic database queries