Previous Job
Previous
Sr. Incident Response Security Analyst
Ref No.: 18-00126
Category: Technology
Location: Montvale, New Jersey
Position Type:Direct Placement
Start Date: 06/13/2018
Pay Rate : $ 110,000.00 - 130,000.00 /Year
**Sr. Incident Response Security Analyst--Primary Focus
Sr Information Security Analyst
Northern NJ
Salary: TBD
**This is a Perm/Yearly Salary Job. NO Third Parties, NO Sponsorship available.


Job Summary:
As a key member of Security Operations, the Sr. Information Security Analyst will provide technical expertise within the areas of threat management, incident response, forensics, and investigations. The individual will work with various teams and stakeholders and provide support to the Computer Security Incident Response Team (CSIRT).
The position requires the ability to analyze and interpret security incidents and drive outstanding incidents to closure. Key responsibilities include assisting in the day-to-day operations and monitoring of security applications including Security Incident and Event Management (SIEM) platform, endpoint protection (AV/ Anti-Malware), data loss prevention, intrusion detection/prevention systems, Network Access Control (NAC) and other commercial and open source security systems/applications.
Operations support includes the ability to create formal documentation and provide recommendations for security improvements. This role will require the individual to multitask and serve as a technical point-of-contact for information security related incidents. The role requires occasional off hours support and on-call rotation.

Responsibilities:
  • Monitor various industry standard security tools (e.g., SIEM, IDS/IPS, Firewalls, Network Access Control, Endpoint Protection, DLP, etc.) to identify potential security related Incidents.
  • Conduct vulnerability scans using industry standard tools such as Qualys, Rapid7, Metasploit, etc.
  • Analyze log files to report and follow-up on any unusual or suspect activities.
  • Properly acquire and preserve integrity of data/evidence required for Incident Analysis to help determine the impact, and the root cause of the Incident.
  • Established incident response procedures to ensure proper escalation, analysis, and resolution of Security Incidents.
  • Create and utilize incident response playbooks to follow established and repeatable processes for triaging and containment of an Incident.
  • Work with various stakeholders to ensure appropriate communication, coordination and closure of Incidents.
  • Actively contribute to the development and oversight of the enterprise security management strategy and framework.
  • Participate in and lead product selection, vendor evaluations, and implementations of security technologies.
Desired Certifications:
  • Industry security and systems certifications (CISSP, CEH, GCIH, RHCSA/RHCE, MCSE, CCNA, etc.)
  • ITIL Certified and or able to obtain ITIL Foundations Certifications within the next 3 months.
Technical Skills:
  • Experience with firewalls, NAC, PKI, Identity and Access Management, IPS, Web Proxies, vulnerability management, file integrity monitoring, endpoint security platforms (AV, encryption, DLP, etc.)
  • Experience monitoring for policy violations or malicious activity and providing appropriate response and remediation.
  • Experience designing, implementing, and executing Incident Response plans and procedures.
  • Microsoft Active Directory Group Policy Object experience.
  • Security operations and/or engineering experience.
  • UNIX/Linux system administration skills (Red Hat Linux, AIX, etc.) desired.
  • Basic understanding of database administration (MS SQL, MySQL, Oracle).
  • Basic knowledge of scripting (Perl, Bash, Shell, etc.)
  • Understanding of PCI and IT SOX regulatory compliance.
Non-Technical Skills:
  • Excellent teamwork skills; written and oral communication skills. Excellent formal documentation skills.