Listing Description
- Reviews threat data from various sources and performs cyber intelligence gathering and in-depth analysis of various threats.
- Actively monitors, analyzes and correlates network traffic utilizing the latest in security technology, evaluates security incidents, performs research and provides in-depth incident analysis. Position requires scheduling flexibility to address work assignments, which includes regular scheduled on-call and unscheduled on-call support in the event of system problems.
- Candidate must possess a BA or BS degree in Computer Science, Security Studies, Intelligence Studies, Cyber Security, Information Management or a related field, with 7 to 10+ years of experience in the following:
- Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques.
- Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices.
- Working knowledge in one or more of the following topics: Third Party Risks/Threats, Cyber Espionage, Hacktivism, Distributed Denial of Service Attacks, Malware, Mobile or Emerging Threats, Social Engineering, Insider Threats, and Advanced Persistent Threats (APTs).
- Preferred: CISSP, GIAC, or CISM certification.
- Experience with common host and network security protocols and tools.
- Knowledge of common security controls is required, including authentication, encryption, IPS, input validation, WAFs, firewalls, HIPS, etc.
- Malware analysis and reverse engineering. Memory analysis a plus.
- Proficient in both Linux and Windows operating systems.
- Understanding of application protocols.
- Demonstrates strong competence with issues relating to IPS management and network architecture as it pertains to intrusion detection, event correlation and management.
- Fluent in at least one of the following: Python, Ruby, PowerShell, C#, Bash, Perl, C++.
- Experience with packet capture and network traffic analysis.
- 3+ years of experience in intrusion analysis for large-scale enterprise environments.
- Experience with STIX, TAXII, OpenIOC, and other threat intelligence schemas.
- Experience collecting, processing, and analyzing open source intelligence.
- Strong written and verbal communication skills.
- Knowledge of information security frameworks and governance standards: NIST, ISO/IEC 17799:2005 and 27001.
- Knowledge of audit frameworks such as COSO and COBIT.
- Knowledge of regulatory compliance standards (PCI, GLBA, HIPAA, SOX, and SAS70).
- Ability to lead projects or small teams.

Serves as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry-recognized security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions.
Remains knowledgeable of changes in security technology, industry practices, and state and federal regulatory requirements; provides technical assistance to IT staff in the detection and resolution of security problems.
Monitors security advisory groups to ensure security updates, patches and preventive measures are in place.
Monitors, analyzes, and interprets system logs for events and incidents reflective of unauthorized access or operational irregularities and escalates for action as appropriate.
Participates in risk assessment activities and assists in analyzing the output of audits to produce recommendations of acceptable risk.
Promotes activities to foster information security awareness throughout the organization.
Ensures compliance with policies and procedures for change management.
Creates policies, procedures, standards, and guidelines used to secure assets against unauthorized or accidental modification, destruction, or disclosure.
Responds to incidents to prevent additional loss and to obtain and preserve forensic evidence.
Administers security-related processes and tools; screens and verifies that updates are made to required systems.
Researches, evaluates and recommends information security-related applications, hardware, and software.
Coordinates efforts to assure compliance with security patch application and virus protection policies.
Acts as a liaison to product groups and assists them in the implementation of security technologies and application security.
Intermediate professional level role.
Develops security solutions for medium to highly complex assignments.
Works on multiple projects as a team member and leads systems-related security components.
Listing Details
- Salary: $150,000 - $170,000
- Citizenship: US Citizen
- Incentives: Not Provided
- Education: No Requirements
- Travel: 25%
- Telework: Full Telecommute