Search for More Jobs
Forward this job to a friend
Apply by email without Registering
Apply by creating/using account
Please enter your registered email address, and we'll email you a link to reset your password right away.
Position: Security Risk Assessment Specialist
Location: Nassau Park, NJ
Duration: 6 Months (Possible Extension)
This position is 100% on site. No remote applicants please. It is not an option.
Position needed for Cyber Threat Operations capabilities
Cybersecurity Analyst (Incident Response/SIEM/Malware Analysis/NetWitness)
Seeking an experienced advanced security analyst to serve as a consultant performing incident response triage and analysis using network security tools in a CIRT/SOC environment. Primary tools will include FireEye HX, RSA Security Analytics (Netwitness), McAfee Enterprise Security Manager (Nitro) SIEM, and FireEye HX.
Member of team that is responsible for detection and response for advanced threats, including monitoring, analyzing, categorization, and configuration and tuning of the SIEM application and related traffic collection, alerting and reporting capabilities. This team develops and implements new signatures and policies to optimize the SIEM correlation engine and streamline the log management capabilities. Recognizes and identifies potential threats to the network and systems connected to the network from the Internet and Intranet. Operates, documents, and maintains security controls. Monitor for, and investigate potential security breaches. The team also reviews internal and external network traffic to create policies that intercept Malware and other network attacks using RSA Security Analytics (Netwitness) and other network IDS capabilities. Additionally the team is responsible for the infrastructure support, configuration, and use of the FireEye HX Endpoint Detection and Response (EDR) environment, to detect and respond to advanced threats.
* Consult on building correlation rules & alerts for the McAfee Enterprise Security Manager (Nitro) SIEM and RSA Security Analytics (NetWitness) products to identify malicious activities
* Support infrastructure of the FireEye HX environment
* Create host-based Indicator of Compromise (IoCs) FireEye HX
* Analyze and respond to FireEye Mandiant Intelligent Response hit reports
* Third-level support to review, triage, analyze, and respond to alerts received in SIEM
* Proactively review network data packets for potential attacks
* Malware analysis as appropriate
* Support forensic investigations as appropriate
Work Experience/ Skills REQUIRED
• Minimum of 5 years of InfoSec experience, preferably in a CIRT/SOC environment
• Minimum of 5 years but prefer 10+ years of Networking, TCP/IP, switching/routing/firewall experience.
• Minimum of 2 years but prefer 5 years of Network analysis, with a focus on security, tcpdump, windump, wireshark.
• Experience with host-based triage, forensics, and malware analysis using FireEye HX and Mandiant Redline or similar Endpoint Detection and Response (EDR) tool
• Experience analyzing network traffic with RSA NetWitness or similar network monitoring toolset
• Experience analyzing log events and alerts in a SIEM environment
• Experience using a malware sandbox such as Cuckoo
• Experience with cyber incident response
• Experience with software and OS vulnerability, CVE, patch and threat analysis
• Experience with CVEs, patch analysis, threat analysis
• Written and verbal communication at a level appropriate for customer interaction/visibility
• Bachelor*s degree in a technical discipline is strongly preferred but will look at candidates with equivalent experience
Helpful industry certifications
• CISSP, SANS GIAC (GCIA, GCIH, GCFA, GNFA), CCIE, CCNA, CEH, Security+, Network+, and other security vendor specific certs.
Interested candidates can send their updated resumes on email@example.com and you can also reach me at 973-967-3431.
Apply by creating/using account