Listing Description
INNOVATE TO SOLVE THE WORLD'S MOST IMPORTANT CHALLENGES
Honeywell Global Security (HGS) believes in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Advancements in technology, contractual and regulatory requirements, emerging threats, and Honeywell's growth worldwide continue to challenge all of us to ensure everything we do in business is done securely.
The Security Operations Center (SOC) is searching for an incident response analyst with extensive experience in forensic analysis of compromised systems and the ability to reverse engineer malware. The preferred candidate should also be able to formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies, and artifacts of data exfiltration. The candidate must be highly motivated with the ability to self-start, prioritize, and multi-task within a team and coordinate work actions.
You will have the opportunity to take your proven experience and…
Apply an understanding of Government & Organizational Regulations including NIST, CUI, ISO
Influence leadership and create partnership with businesses and functional leaders to build a cyber safety culture
Willingness to serve as a member of an Incident Response Team (IRT) and respond to emergency calls during non-business hours, as needed and participate in on-call rotation
YOU MUST HAVE
Bachelor’s degree in a computer-related field such as Computer Science, Computer Information Systems, or Electronics, or, in lieu of a degree, directly related experience
Must be a US Citizen or permanent resident
WE VALUE
Extensive experience performing forensic analysis of Windows and Unix systems to identify compromise artifacts (3+ years)
Strong experience with malware analysis and reverse engineering (3+ years)
Experience in building sandbox/test lab environments to evaluate malicious code
Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogLogic
Scripting and programming experience (e.g., Python, Perl, C, C++, Java, Assembly Language, Shell Scripting)
Experience with databases and SQL
Ability to identify actionable indicators of compromise based upon analysis of malware or forensic data
Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
Experience performing incident response with an emphasis on system compromise analysis
Experience performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools.
Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns.
Creation of tools to automate analysis of malicious binaries.
Ability to perform network based forensics and log analysis
Strong understanding of incident response methodologies and technologies
Ensure the confidentiality, availability, and integrity of SOC data sources
Ability to react quickly, decisively, and deliberately in high stress situations
Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
Technical certifications considered an asset are: CISSP, GCIH, GCIA, GCFA, GPEN, GCFE, CCNA, CCNP
Exempt
Cyber Security Incident Response
Forensic Analysis
Vulnerability Risk Assessments
Malicious Software Reverse Engineering
Security Research
INCLUDES
Continued Professional Development
ADDITIONAL INFORMATION
Job ID: HRD19932
Category: Information Technology
Location: 1300 W Warner Rd., Tempe, AZ 85284 USA
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status.
Listing Details
- Citizenship: US Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: No Travel
- Telework: No Telecommute