This job posting is archived and no longer available.
Open job postings can be found under Projects.

Security Monitoring Analyst

Posted by CompuCom

Skills sought: Engineering, Network, TCP, IP

Project description

SECURITY MONITORING ANALYST HOUSTON, TX CONTRACT TO HIRE

You're covered with COMPUCOM. We offer our temporary employees full benefits. Always have. Always will. Join us!

RESPONSIBILITIES FOR THIS POSITION MAY INCLUDE BUT ARE NOT LIMITED TO:

- Responsible for operational processes and workflow of IPS/IDS/SIEM security event monitoring and analysis of cyber threat activity for the identification of advanced persistent threats and malware in near real time.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises, and performs thorough reviews and analyses of relevant event detail and summary information.
- Ability to conduct packet analysis and be able to modify and add custom monitoring policies and signatures within Intrusion Prevention Systems and Security Information and Event Management systems to account for lack of monitoring in areas as warranted by threat changes, such as zero-day threats.
- Determines appropriate response action(s) required to mitigate risk and assist in providing threat and damage assessment for security threats which may impact CompuCom networks.
- Ensures all pertinent information is obtained to allow for the identification, categorization, and triage actions to occur in a time sensitive environment.
- Tracks and maintains knowledge and understanding of adversarial tactics, techniques, and procedures.
- Conducts data tracking and analysis tasks in order to identify computer probes/exploits/attacks as they occur, including technical aspects of intrusion detection and providing substantial input to cyber threat countermeasures.
- Gathers data and contributes to the creation of detailed security monitoring reporting that communicates effectively to every level of CompuCom including monthly trends of incidents and detailed security events.
- Optimizes SIEM effectiveness by working with analysts and developers within Security Operations to ensure signature quality and fine tuning.
- Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity.
- Coordinates activities across the integrated team ensuring that products merge threat and technical intelligence findings.
- Develops collaborative information and knowledge sharing networks and builds alliances with colleagues and counterparts within and/or across the organization.
- Possesses the ability to recommend and propose new technical analysis solutions within the intrusion detection and SIEM domains.
- Provides input to assist with implementation of counter-measures or mitigating controls.
- Performs activities per established documentation as needed, including SOPs to be used by team members.
- Works within the security monitoring team to ensure functional coverage on a 24/7 basis; this may also include weekend work.
- Ensures requests for information are answered in a thorough and expedient manner.

REQUIRED EXPERIENCE

- Minimum of 4-10 years related Cyber Security experience in a large global organization
- At least 5 years of direct experience in security monitoring and incident response
- Bachelor's Degree in Cyber Security, Computer Science, Engineering, or related studies
- 4+ years of direct work experience in security monitoring or incident response can be substituted for degree
- Vast experience with security technologies, including IDS/IPS/SIEM integration methodologies and best/common practices, firewalls and log analysis, network behavior analysis tools, data loss prevention, antivirus, network packet analyzers, and malware and forensic analysis tools
- Specific experience with IBM's QRadar SIEM platform, and Snort/SourceFire IPS/IDS
- Advanced knowledge of networking technologies and protocols, including Ethernet, TCP and IP routing, security architecture, and mobile technology
- Demonstrated problem solving and critical thinking capabilities in complex environments
- Previous experience working in a Cyber Security SOC/NOC/Operations Center
- Experience with Intrusion Prevention/Detection System signature development and management
- Experience with network monitoring tools (e.g., TCPDump, Wireshark) and experience in traffic analysis and packet inspection
- Ability to document and explain technical details clearly and concisely
- Must possess outstanding written and oral communication skills
- Ability to write analytical information products and clearly articulate findings
- Comfortable communicating with senior management ranging from C-level executives to technical engineers and analysts
- Must be comfortable in a high-tempo operational environment
- Previous experience participating in working groups with the oil and gas sector and/or with the United States Government
- Ability to work varying hours and operate in an on-call status as required
- Must be self-starter, eager to take the initiative

DESIRED EXPERIENCE

- 10 years related experience in Security Monitoring, Incident Response, and/or Cyber Security experience in a large global organization
- Advanced degree in Cyber Security, Computer Science, Engineering, or related studies
- Previous experience building cyber risk/threat monitoring capability
- Hands-on experience with a variety of different IDS/IPS and SIEMs
- Previous experience managing and working with Managed Security Services Providers
- Possession of one or more industry-standard certifications such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), and GIAC Reverse Engineering Malware (GREM)

CompuCom, the leading IT outsourcing specialist, delivers IT your way. Our clients like working with us because they know that, with CompuCom, it's all about you. Our unique ITSM strategy blends your data center, network, voice, and end user computing environments in an innovative fashion. This radically simplifies your IT, allowing you to focus on growing your business and serving your customers. We are highly regarded by worldwide and regional organizations alike for our pragmatic approach, best practices, and highly skilled workforce. This balance provides the perfect alternative to address the evolving challenges facing you, today and in the future. More than a trusted advisor, CompuCom is your trusted doer.

Project details

  • Contract type:

    Contract

  • Professional experience:

    Not specified

Required qualifications

CompuCom