24 Nov
Sr Cyber Security Analyst - All Covered
Vacancy expired!
- Lead security incident investigations, conducting in-depth technical analysis (including host and network-based forensics)
- Evaluate security solutions and monitor various Security blogs, alerts and notifications, RSS feeds and forums in order to keep abreast of the latest security news, attacks, threats, vulnerabilities and exploits
- Review and analyze data and network traffic from numerous security tools such as full packet captures and security device logs in order to detect traffic anomalies, identify infected systems and determine lateral movement of infections across the network
- Contribute to incident response, maintaining relevant communication in emails, ticket summaries, analysis and reporting. Work with Incident Handlers to provide recommendations for remediation of compromised systems and any relevant counter-measures
- Perform malware analysis, identify areas of persistence on user devices and detect indicators associated with malware or specific Advanced Persistent Threat (APT) techniques
- Review, create or document standard operating procedures, recommendations, project specific documents and resource guides as needed
- In-depth knowledge of network intrusion methods, network containment and segregation techniques
- In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus)
- Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis
- In-depth network security expertise including firewall, IDS and IPS
- Experience building baselines of network activity for use in anomaly detection
- Experience with proactive threat hunting techniques and concepts in an enterprise environment.
- Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
- Knowledge of typical behaviors of both malware and malware authors
- Static and dynamic malware analysis experience
- Experience using and writing custom signatures for IDS
- Digital forensics experience focusing on Windows systems from a malware perspective
- Knowledge of enterprise systems and infrastructure
- Proven understanding of log parsing and analysis at a large scale with data clustering tools or techniques
- Experience with a scripting language such as Perl, Ruby, Python, and BASH
- At least 3-5 years prior experience in firewall and WAN networking (router and switch experience).
- Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.
- Able to work under pressure in time critical situations.
- Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.
- Detailed knowledge of current international best practices in the incident response arena.
- Excellent written and verbal communication skills are required.
- Ability to communicate effectively with business representatives in explaining impacts and strategies and where necessary, in layman's terms.
- 5+ year's Cyber Security Incident Response, Security Operations Center and/or Attack Analysis in a large, mission-critical environment
- Bachelor's Degree in Computer Science or related field
- Master’s Degree in Engineering, Business Management, or Technology related fields a major plus
- Industry standard information security and incident response certifications (CISSP, GCIA, GCIH, GREM, etc) are a plus.
- Memberships and participation in relevant professional associations.
- Competitive salary
- Outstanding benefits package (including medical, dental, vision, life insurance)
- 401(k) plan with matching company contribution
- Generous holiday and paid time off schedules
- Tuition Reimbursement Program
- Ongoing professional development training
Vacancy expired!