Vacancy expired!
Summary As the most senior security expert on the team the IS Security Specialist must lead security incident response to resolution. Provides expert guidance and serve as a mentor for junior analysts. Keeps up with the cyber threat landscape and provides recommendations to address the latest threats as soon as they are made publicly available. Leads penetration testing activities and performs advanced threat hunting. Refines and tunes advanced toolset. Description •30% Serve as a senior security expert on the IS security team in planning, developing and implementing enterprise information security architectures and solutions. Researches, designs, and advocates new technologies, infrastructure, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Identifies, plans and implements security tools. Leads security incident response to resolution.
•30% Leads penetration testing activities and performs advanced threat hunting. Anticipates and mitigates potential attacks through enterprise connections to ensure the security of the system (s). Exploits weaknesses detected in systems to assess and prevent potential break-ins. Analyzes business impact and exposure based on security threats, vulnerabilities, and risks.•20% Provides expert guidance and serve as a mentor for junior analysts. Performs daily monitoring and review of security events that are escalated by junior analysts. Performs investigations as needed and responses to potential incidents rapidly and accurately.•10% Researches new security/cyber intelligence. Keeps up with the cyber threat landscape and provides recommendations to address the latest threats as soon as they are made publicly available. Refines and tunes advanced security toolset to bring those threats to the attention of the security analysts.•5% Evaluates and recommends procedures and processes for the prevention, detection, containment and correction of information security breaches. Advises management and users regarding security procedures.•5% Monitors security agencies and services in order to keep apprised of current security threats and concerns. Evaluates products and/or procedures to enhance productivity and effectiveness of information security across the organization.This position requires the ability to obtain a C2 Security Clearance which, requires U.S. Citizenship Required Education: Bachelor's degree in Computer Science, Information Technology or other job related degree. OR2 years of job related experience plus an associate's degree in Computer Science, Information Technology or other job related degree. OR4 years of job related work experience.Required Work Experience:- 10 years of job related technical experience.
- Previous incident response and forensic analysis experience.
- Content development and experience creating correlation rules.
- Advanced incident response experience in a medium to large sized enterprise.
- Strong experience interpreting and acting on cyber threat intelligence.
- Experience with enterprise level security tools such as ArcSight, FireEye, Splunk and IDS/IPS
- Reverse Malware Engineering experience
- Advanced knowledge of Windows and Unix operating systems.
- Enterprise SME - This position is considered a subject matter expert in Cyber Security.
- Previous Threat intelligence gathering, Threat Hunting and Forensic experience is required.
- Candidate should be capable of gaining access to the darknet and performing intel gathering activities firsthand.
- Understanding how exploit kits work be willing to work with the team to test these kits against our systems.
- Strong analytical, data gathering and problem solving skills with experience analyzing network attacks.
- Thorough understanding of system and network security, incident management, intrusion detection, log analysis, and related technologies.
- Creativity to recognize and address new threats and security challenges as they arise.
- Advanced knowledge of enterprise data architecture, systems engineering and data communications as applied to the automated storage and retrieval of information, using multiple platforms and protocols with the inherent security risks of each.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Comprehensive understanding of the organization's goals and objectives.
- Expertise with threat analysis risk management, configuration management, business continuity and contingency planning.
- Advanced knowledge of administrative, procedural and technical controls used to reduce security risks.
- Advanced ability to troubleshoot multi-vendor Security issues.
- Strong organizational, interpersonal and oral communication skills.
- Advanced proficiency in network troubleshooting, diagnostic root cause analysis.
- Excellent analytical and problem-solving abilities.
- Network and Systems Administration
Vacancy expired!