Vacancy expired!
- Provide Security Information and Event Management (SIEM) analysis of security events from multiple technologies including firewall, IPS, endpoint protection, web content filtering and Data Loss Prevention.
- Directly involved with incident analysis, incident handling, malware forensic analysis, and triage.
- Provide intelligence reports on the latest trends, provide awareness of emerging cyber threats, and manage and monitor threat feeds to all security systems including cloud security technologies (i.e., WAF, Cloud App Security, Conditional Access).
- Investigate and analyze security incidents and interface with internal/external parties involved while maintaining a high level of professionalism and confidentiality.
- Assist in the remediation of attacks across a wide range of network services, applications, and network operating systems, including Microsoft Windows (all versions), UNIX, and Linux.
- Performs analysis and reverse engineering of malware for threat intelligence using behavioral analysis tools and sandboxing.
- Manages Information Security ticket queue and assigns tickets accordingly.
- Co-Lead SIEM Correlation and Policy review monthly meetings; Perform strategic decisions focused on countermeasures and security compliance.
- Perform security training for Information Technology staff including Service Desk, Deskside Support and NTS
- Develops and maintains policies and procedures related to incident handling and analysis.
- Provide written technical analysis on emerging cyber threats to senior and executive management.
- Proactively identify opportunities for improvement in security management through process improvement and/or technology recommendations.
- 5+ years of experience in Information Security Incident Handling and Analysis
- Demonstrated knowledge of security management concepts.
- Demonstrated knowledge of Security Information and Event Management (SIEM) solutions, Firewalls, Intrusion Prevention Systems (IPS), and endpoint security is required.
- Ability to make decisions and take independent action on tactical and operational matters affecting Information Security issues.
- Excellent formal writing, documentation, and presentation skills with the use of Microsoft Office products.
- Proven ability to influence and communicate effectively at all levels.
- Ability to articulate complex threat information to technical and non-technical audiences
- Demonstrated skills in technical issue resolution and excellent analytical and problem-solving skills.