Job ID: 27237
Company: Internal Postings
Location: Atlanta, GA
Type: Contract
Duration: 6 Months
Salary: DOE
Status: Active
Openings: 1
Posted: 14 Apr 2020
Job Seekers, Please send resumes to resumes@hireitpeople.com

Responsibilities:

  • Handle escalations and work as an L3 analyst for remediation of security incidents.
  • Participate in incident response and investigation of suspected information technology security misuse, and provide recommendations to clients on global threats (such as WannaCry, Petya, NotPetya, Bad Rabbit and zero-day vulnerabilities).
  • Ability to write complex use cases configured for sophisticated attacks such as DNS reconnaissance, phishing, spear phishing, APT, lateral movement, browser compromise and DNS amplification; event analysis, attack identification, investigation and correlation, and implementation of mitigation measures.
  • Ability to identify adversarial activity and methods for future detection and prevention. Use a combination of open-source research of exploits or vulnerabilities (including zero-day), network flow, log review, event correlation and PCAP analysis to complete investigations.
  • Deep investigation of potential attacks and potentially compromised systems.
  • Forensic analysis of network traffic or Windows hosts.
  • Lead or participate in the incident response process.
  • Provide recommendations and implement changes to optimize Splunk detection capabilities.
  • Generate required SOC reports and metrics.

Requirements / Qualifications:

  • 6+ years of work experience, with a minimum of 4 years of experience in a SOC.
  • Hands-on experience with incident analysis and a deep understanding of Windows internals.
  • Ability to develop remediation plans based on organizational needs and priorities.
  • Excellent understanding of the Splunk SIEM console.
  • Good understanding of networking and network security technologies (IDS, firewall).
  • Ability to maintain working relationships with diverse stakeholders.
  • Excellent written and oral communication skills.
  • Experience developing content/use cases for Splunk monitoring, and a relevant Splunk certification.
  • Demonstrated skill in troubleshooting: ability to provide resolutions and/or workarounds to complex problems, and to provide guidance and support for Tier 1/Tier 2 security analysts.
  • Security certifications such as CEH or CISSP are preferred.

Minimum years of experience*: 6+

Certifications Needed: No

Interview Process (Is face to face required?) No

Does this position require Visa independent candidates only? No