XSOAR/Encase Administrator (Senior Cybersecurity Specialist)

Job Description

The Cybersecurity Product Specialist, Senior will work closely with Managers, Project Managers, team leaders, specialists, security teams, and subject matter experts. This position maintains, analyzes, develops and delivers Security Intelligence and Event Management solutions. This position will work closely with our Lines of Business and Security Intelligence Operations Center (SIOC) and be responsible for maintaining and maturing our SIEM Operational program. Primary responsibilities consist of the day to day operations and maintenance/support of our Cybersecurity Infrastructure technologies. This position is responsible for troubleshooting complex problems across multiple Operating Systems (Windows Desktops, Windows Servers and Linux) and Environments.

• Administrative experience and technical knowledge in Cybersecurity product support such as: IBM
  QRadar, XSOAR, OpenText EnCase
• Experience with Security Information and Event Management products
• Experience in QRadar administration and support
• Achieve positive results with multiple projects/efforts running simultaneously
• Scripting experience for automation
• Familiar with one or more security controls/risk management frameworks (ISO, NIST, etc.)
• Understanding of risk and security controls
• Understanding of network protocols, enterprise architecture, and common network logging functions
• Critical thinking, active listening, and analytical skills with aptitude for tactical solutions that are forward thinking
• Self-motivated
• Solid communication skills and ability to interact with clients
• Skilled at being team player
• Energizes coworkers, and maintaining a positive attitude towards the team and the business directions

WHY OPEN?: New product for them is XSOAR – Intelligence software workflow. They don’t want to have an end user with 15 different monitors, and monitor 15 different screens, this will shrink it down and automate some of the human tasks. Allows the cyber security folks to really focus on what’s “real”

• If we cannot find any XSOAR folks, Encase would be a secondary skill set that they would like to take a look at.
• Linux background still needed. Windows still desired
• Ideally wants someone for XSOAR, but doesn’t want to wait months for these resources.

1. XSOAR or Encase –Senior level operations support. This person will need to work on troubleshooting if there are issues, from an application support perspective.

Linux background

• Troubleshooting
• Administration of Linux (a couple years of experience is okay – RedHat preferably)

Windows background

• Administration of Windows (2008 and 2012 server)

• AWS
• Fortigate
• Elasticseach
• Maltego
• SafeBreach
• Scythe
• Powershell
• Korn Shell
• Bash Shell
• WMI

XSOAR or Encase ?Senior level operations support. This person will need to work on troubleshooting if there are issues, from an application support perspective.

Phone: +1 925-361-2638

Qualifications

The Cybersecurity Product Specialist, Senior will work closely with Managers, Project Managers, team leaders, specialists, security teams, and subject matter experts. This position maintains, analyzes, develops and delivers Security Intelligence and Event Management solutions. This position will work closely with our Lines of Business and Security Intelligence Operations Center (SIOC) and be responsible for maintaining and maturing our SIEM Operational program. Primary responsibilities consist of the day to day operations and maintenance/support of our Cybersecurity Infrastructure technologies. This position is responsible for troubleshooting complex problems across multiple Operating Systems (Windows Desktops, Windows Servers and Linux) and Environments.

• Administrative experience and technical knowledge in Cybersecurity product support such as: IBM
  QRadar, XSOAR, OpenText EnCase
• Experience with Security Information and Event Management products
• Experience in QRadar administration and support
• Achieve positive results with multiple projects/efforts running simultaneously
• Scripting experience for automation
• Familiar with one or more security controls/risk management frameworks (ISO, NIST, etc.)
• Understanding of risk and security controls
• Understanding of network protocols, enterprise architecture, and common network logging functions
• Critical thinking, active listening, and analytical skills with aptitude for tactical solutions that are forward thinking
• Self-motivated
• Solid communication skills and ability to interact with clients
• Skilled at being team player
• Energizes coworkers, and maintaining a positive attitude towards the team and the business directions

WHY OPEN?: New product for them is XSOAR – Intelligence software workflow. They don’t want to have an end user with 15 different monitors, and monitor 15 different screens, this will shrink it down and automate some of the human tasks. Allows the cyber security folks to really focus on what’s “real”

• If we cannot find any XSOAR folks, Encase would be a secondary skill set that they would like to take a look at.
• Linux background still needed. Windows still desired
• Ideally wants someone for XSOAR, but doesn’t want to wait months for these resources.

1. XSOAR or Encase –Senior level operations support. This person will need to work on troubleshooting if there are issues, from an application support perspective.

Linux background

• Troubleshooting
• Administration of Linux (a couple years of experience is okay – RedHat preferably)

Windows background

• Administration of Windows (2008 and 2012 server)

• AWS
• Fortigate
• Elasticseach
• Maltego
• SafeBreach
• Scythe
• Powershell
• Korn Shell
• Bash Shell
• WMI

XSOAR or Encase ?Senior level operations support. This person will need to work on troubleshooting if there are issues, from an application support perspective.

Phone: +1 925-361-2638

Additional Information

All your information will be kept confidential according to EEO guidelines.