Duration: contract positions 12 months
Location: Pleasanton or Vacaville (onsite for the 1st week, onsite as needed onward)
Must be within commuting distance to Pleasanton or Vacaville, CA
Duties/responsibilities:
- Provide the highest quality services in the shortest timeframe possible, with effective & efficient knowledge transfer to the client's employees.
- A self-starter who can come up to speed on domain knowledge in a very short period.
- Proactively identify & assess threats to client users, network & data.
- Monitor & respond to reports of malicious activity.
- Respond & investigate intrusions & security events.
- Demonstrate an understanding of the client's threat landscape.
- Perform thorough analysis of attacks & anomalous network behavior.
- Provide summarized & detailed analysis & documentation in support of ESEC.
- Perform proficient forensic analysis using security tools & processes.
- Identify Actionable Intelligence by processing Threat Intelligence (TI).
- Demonstrate ability to identify, contain, eradicate & recover from security incidents.
- Collaborate with client business units, partners & individuals to mitigate security threats.
- Advise the CISO & ESEC team on matters involving organizational, strategic, tactical & security best practices related to forensics & sec. incident mgmt.
- Attend meetings & represent ESEC as a sr. lead for all sec. matters.
- Act as lead/co-lead/backup on assigned ESEC projects.
- Mentor jr. staff colleagues.
- Create SOP & training documents.
- Other duties, to be assigned as needed.
Tech. stack environment exp:
- Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
- OS: UNIX, LINUX, WINDOWS.
- Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ.
- Network protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
- DB’s: Oracle, SQL, MySQL.
- Cloud Platforms: IAAS, PAAS, SAAS.
- Sec. concepts: Encryption, Hardening, etc.
- Sec. GRC.
- Forensic analysis tools.
- AD.
- Programming languages a plus.
- Computer forensics exp. a plus.
- Prior SIEM exp. a plus.
- Malware analysis skills a plus.
Exp.:
- At least 5 yrs. of technical exp. conducting sec. incident response & forensic analysis.
- At least 5 yrs. of Cyber Threat Intelligence exp., making the information usable through the sec. incident process.
- Working exp. applying IOCs to identify threats in the current environment & applying that information to prevent future vulnerabilities in the infrastructure tech. sec.
- Working exp. using best-practice standards & frameworks: ISO 27001/27002; PCI DSS v4; GLBA; HIPAA/HITECH; NIST 800-53; CIS Controls; NIST CSF; CIS RAM.
Flexible work from home options available.