Job Description
Duration: 12 months
Job type: Contract position
Location: Pleasanton or Vacaville (onsite for the 1st week, onsite as needed onward)
Duties/responsibilities:
-Provide the highest quality services in the shortest timeframe possible with effective & efficient knowledge transfer to client’s employees.
-A self-starter that can come up to speed in domain knowledge in a very short period. Proactively identify & assess threats to client users, network & data.
-Monitor & respond to reports of malicious activity. Respond & investigate intrusions & security events. Demonstrate an understanding of client threat landscape.
-Perform thorough analysis of attacks & anomalous network behavior. Provide summarized & detailed analysis & documentation in support of ESEC.
-Perform proficient forensic analysis using security tools & processes. Identify Actionable Intelligence by processing Threat Intelligence (TI).
-Demonstrate ability to identify, contain, eradicate & recover from security incidents. Collaborate with client business units, partners & individuals to mitigate security threats.
-Advise the CISO & ESEC team on matters involving organizational, strategic, tactical & security best practices related to forensics & sec. incidents mgt.
-Attend meetings/represent ESEC as a sr. lead for all sec. matters. Act as lead/co-lead/backup on assigned ESEC projects.
-Mentor jr. staff colleagues. Create SOP & training documents.
-Other duties, to be assigned as needed.
Tech. stack environment exp:
-Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
-OS: UNIX, LINUX, WINDOWS.
-Network: LAN WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
-Network protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
-DB’s: Oracle, SQL, MySQL.
-Cloud Platforms: IAAS, PAAS, SAAS.
-Sec. concepts: Encryption, Hardening, etc.
-Sec. GRC.
-Forensic analysis tools.
-AD.
-Programming languages a plus.
-Computer forensics exp. a plus.
-Prior SIEM exp. a plus.
-Malware analysis skills a plus.
Exp.
-At least 10yrs of overall enterprise information security exp.
-At least 5yrs. of technical exp. conducting sec. incident response & forensic analysis.
-At least 5yrs of Cyber Threat Intelligence exp. & making the information usable through the sec. incident process.
-Working exp. of applying IOCs to identify threats in current environment & apply information to prevent future vulnerabilities in the infrastructure tech sec.
-Working exp. using best practices standards & frameworks: ISO 27001/27002; PCI DSS v4; GLBA; HIPAA/HITECH; NIST 800-53; CIS CONTROLS; NIST CSF; CIS RAM.