IT- Cyber Security Threat Analyst/Specialist – Senior
Previous Job
Previous
IT- Cyber Security Threat Analyst/Specialist – Senior
Ref No.: 18-00410
Location: Concord, California
Cyber Security Threat Analyst/Specialist
Concord, CA
5 Months


Prior SEIM experience – Security event and information management system, log aggregation and event notification
Network packet analysis(PCAP analysis) – Analyzing network packet for malicious / suspicious activity
Wireshark experience and WCNA( a plus) - Open source network packet analysis tool , WCNA – wireshark certificate.
Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert.
Memory analysis – Ability to analyze physical memory collected from computer using open source or paid application
Good analytical skills – ability to analyze and think out of the box when working a security event
Experience with IBM QRadar a plus – IBM QRadar is the SEIM Client has deployed and is using.
Good networking knowledge – Good knowledge of TCP / IP protocols, ability to differentiate various layers in networking.
Any GIAC certifications a plus – These are SANS( industry well known security course provider) certs such as GMON, GSEC, GCIH etc.

Tools( for associate the below tools in their resume will be a huge plus, for career and above I expect to see at least one of these below

IBM QRadar SEIM
Encase – Forensics analysis tool
ProofPoint
IDS / IPS
Palo Alto Firewalls
Open source security tools such as Suricata, SANS SIFT workstation,
Open source forensics tools – Volatility etc.


Qualifications:
Bachelors in Computer Science, or related discipline, or equivalent experience Certified Information Systems Security Professional (CISSP) certification Experience in Information Technology (IT), 6yrs Extensive experience in analyzing network packet capture data using tools such as Wireshark Experience performing computer forensics and memory analysis using industry standard and open source tools Desirable - Prior experience working in a 24x7 security operations center

Responsibilities:
Acts as a subject matter expert in area of field. Leads moderately to complex projects which may be cross functional. Analyzes complex malware/exploits through forensics, observation of network traffic and using other tools and resources to determine if client systems are vulnerable. Leads development of framework for implementing tools and processes to improve quality and timeliness of reports. expert in area of field and applies extensive knowledge of concepts, principles, and practices. Codes complex tasks that integrate systems, produce reports or provide output that can be leveraged by other team members or systems. Performs proficient forensic analysis using security tools and monitoring systems to Client the source of anomalous security events. Assists in performing basic research internally and externally. Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools. Develops a strategy to implement work in department.