Hello All,

A very good morning.

Requirement Overview:


Title: Cyber Security Analyst / SOC Analyst


Work Location: Durham, NC

Start Date: ASAP

Duration: Long Term

Rate: Keep the rate low


Job Description:


- Develop and execute capabilities to conduct non-signature-based detection
of malicious activity within the network.
- Review security incidents, determine their severity, and author reports
to leadership detailing the activity
- Specialize in host-centric analysis, network-centric analysis (Network
Security Monitoring and related disciplines) and/or log-centric analysis.
- Continuously engage the security intelligence team in a two-way
conversation: develop, refine, and maintain intelligence requirements to
focus intelligence in support of detection operations, and provide feedback
on detection indicators and intruder tactics, techniques, and procedures.
- Continuously engage the Vulnerability Management team in order to
understand weaknesses in our compute environment and create detection
capabilities to
- Trending and analysis using advanced methodologies and conducting
end-point sweeps for Indicators of Compromise
- Perform daily response operations with a schedule that may involve
nontraditional working hours
- Appropriate escalation of incidents as defined in the established
operating procedures
- Work with a globally distributed team and rely heavily on electronic
communication
- Continually research the current threat landscape and tactics as it
applies to team focus
- Review incidents handled by analysts to ensure quality
- Track and drive to closure all incidents
- Identify, derive, and maintain metrics that impact service quality; drive
continuous improvement
- Advise management on the effectiveness of established operating
procedures and recommend modifications where appropriate

Job Requirements

Required Skills

- Previous operational experience in a CSIRT, CIRT, SOC, or CERT
- Foundational understanding of tactics used by APT, cyber crime and other
associated threat groups
- Expert understanding of network communications (TCP/IP fundamentals, HTTP
basics)
- Expert understanding of multiple operating systems such as Linux,
Solaris, BSD, or Windows
- Expert understanding of intrusion detection systems (e.g. Snort,
Suricata) and tools (e.g. tcpdump, Wireshark)
- Practical experience with security incident response
- Security Incident Management: analysis, detection and handling of
security events
- Comprehension of how attacks exploit operating systems and protocols
- Must understand how to analyze network traffic for suspicious and
malicious activity
- Hands-on experience with other security technologies:
  - Next-Gen Intrusion Detection Systems: FireEye, Damballa, or Palo Alto
    WildFire
  - Security Information & Event Management (SIEM): ArcSight, Splunk,
    QRadar, etc.
  - Packet capture technologies: NetWitness, Solera, Moloch, or at a
    minimum, Wireshark or tcpdump
- Scripting experience with one or more of the following: Perl, Bash,
PowerShell, Python
- Ability to write technical documentation and present technical briefings
to varying audiences
- Ability to work with a globally distributed team and rely heavily on
electronic communication
- Ability to travel as needed to support the corporate objectives.

Desired Skills

- Experience with the Cyber Kill Chain framework
- Experience with Network Security Monitoring methodologies
- Ability to reverse engineer malware
- Experience with Security Intelligence or Intelligence Analysis
- Experience in Ethical Hacking or Red Team
- Hands-on experience with forensics tools such as Mandiant Intelligent
Response (MIR)
- Experience with vulnerability scanners such as: Qualys, nCircle, Nessus
- Experience with Data Loss Prevention tools such as: Vontu, McAfee DLP,
OpenDLP

Education and Experience

- Experience: 9 - 12 years of information security experience is expected;
at least 5 years of experience in security monitoring, digital forensic
analysis, or incident response is preferred.




Thanks and regards,

Kalyan K
Technical Recruiter,
HCL Global Systems Inc,
Email: [email protected]
Desk: 248-473-0720*167
Yahoo ID / Gtalk: kalyan.recruiter7

-- 
You received this message because you are subscribed to the Google Groups 
"oraapps" group.
Visit this group at https://groups.google.com/group/oraapps.