Job Details

ID #17317066
State Texas
City Addison
Job type Permanent
Salary USD TBD TBD
Source Bank Of America
Showed 2021-07-26
Date 2021-07-25
Deadline 2021-09-23
Category Et cetera

Cyber Security Intrusion Analyst

Texas, Addison, 75001 Addison USA

Vacancy expired!

Job Description:

Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements.

Required Skills:
• Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets.
• Strong intrusion analysis background. Resource must be able to identify and interpret web logs from various web servers.
• Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs.
• Working knowledge of Linux, Windows, and OS X operating systems.
• Comfortable with scripting languages and regular expressions.
• Strong knowledge of common network protocols.
• Working knowledge of enterprise client/server architecture.

We are a front line team that handles active security events and highly current threats. On call and after hours work can be expected although we rotate to approximately one week every 2 months.

The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team.

Desired Skills:
• Experience doing packet captures and interpreting them (Wireshark, for example).
• Understanding of stateful firewalls and able to interpret firewall rules.
• Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs.
• Full understanding of modern web site deployments and technology.
• Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion.
• Use tools to detect anomalous/malicious data transmissions on the network.
• Use advanced analytics / security tools to detect malware on the network.

Enterprise Role Overview - Operates tools and processes that provide cybersecurity defense. Uses technical expertise to provide systems disruption protection (DDoS), systems intrusion protection (IDS/IPS, WAF, Log Monitoring), network boundary protection (NAC, Firewalls), detects/prevents malware threats for applications and infrastructure, and protects against data leakage. Utilizes experience and deep knowledge of IT platforms, tools, and concepts to ensure cybersecurity protection is integrated into all layers of defense. Provides regular status updates to management team. Typically has 3-5 years of relevant experience in one or more threat prevention disciplines.

Job Band:H5

Shift:1st shift (United States of America)

Hours Per Week:40

Weekly Schedule:

Referral Bonus Amount:0
