IT- Cyber Security Threat Analyst - 9600


Qualifications: Bachelor's degree in Computer Science or a related discipline, or equivalent experience

  • Certified Information Systems Security Professional (CISSP) certification
  • Experience in Information Technology (IT)
  • 6 years of extensive experience analyzing network packet capture data using tools such as Wireshark
  • Experience performing computer forensics and memory analysis using industry-standard and open source tools
  • The candidate should have SOC experience, including event monitoring/incident response and some endpoint forensics experience.
  • SOC experience is a must.

Desirable - Prior experience working in a 24x7 security operations center

Responsibilities: Acts as a subject matter expert in their field.

  • Leads moderately complex to complex projects, which may be cross-functional.
  • Analyzes complex malware/exploits through forensics, observation of network traffic and using other tools and resources to determine if Client’s systems are vulnerable.
  • Leads development of framework for implementing tools and processes to improve quality and timeliness of reports.
  • Expert in area of field and applies extensive knowledge of concepts, principles, and practices.
  • Codes complex tasks that integrate systems, produce reports or provide output that can be leveraged by other team members or systems.
  • Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events.
  • Assists in performing basic research internally and externally.
  • Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools.
  • Develops a strategy to implement work in department.

Comments/Special Instructions

PLEASE NOTE:

  • Our client manager is looking for good process documentation skills/experience.
  • NERC access is required for this position.
  • The candidate must have SOC experience, including event monitoring/incident response and some endpoint forensics experience.
  • SOC experience is a must.
  • Not looking for a Security Engineering background, but rather someone with a good understanding of traffic analysis (PCAP/Wireshark), incident response, and some endpoint/malware analysis experience.
  • Prior SIEM experience – security information and event management system, log aggregation, and event notification
  • Network packet analysis (PCAP analysis) – analyzing network packets for malicious/suspicious activity
  • Wireshark experience, with WCNA a plus – Wireshark is an open source network packet analysis tool; WCNA is the Wireshark certification
  • Endpoint forensics – ability to perform a full investigation/forensics of an endpoint/end-user machine as a result of a security alert
  • Memory analysis – ability to analyze physical memory collected from a computer using open source or paid applications
  • Good analytical skills – ability to analyze and think outside the box when working a security event
  • Experience with IBM QRadar a plus – IBM QRadar is the SIEM our client has deployed and is using
  • Good networking knowledge – good knowledge of TCP/IP protocols and the ability to differentiate the various networking layers
  • Any GIAC certifications a plus – these are SANS (a well-known industry security training provider) certifications such as GMON, GSEC, GCIH, etc.

Location: Concord, CA
Apply at: https://sedaa.hiringthing.com/job/55662/it-cyber-security-threat-analyst-9600