Hello All,

A very good morning.

Requirement Overview:


Title: *Cyber Security Analyst / SOC Analyst*


Work Location : Durham, NC

Start Date    : ASAP

Duration      : Long Term

Rate          : Keep the rate low


Job Description:


- Develop and execute capabilities to conduct non-signature-based detection
of malicious activity within the network.
- Review security incidents, determine their severity, and author reports
to leadership detailing the activity
- Specialize in host-centric analysis, network-centric analysis (Network
Security Monitoring and related disciplines) and/or log-centric analysis.
- Continuously engage the security intelligence team in a two-way conversation:
develop, refine, and maintain intelligence requirements to focus
intelligence in support of detection operations, and
provide feedback on detection indicators and intruder tactics, techniques,
and procedures.
- Continuously engage Vulnerability Management team in order to understand
weaknesses in our compute environment and create detection capabilities to
- Trending and analysis using advanced methodologies and conducting
endpoint sweeps for Indicators of Compromise
- Perform daily response operations with a schedule that may involve
nontraditional working hours
- Appropriate escalation of incidents as defined in the established
operating procedures
- Work with a globally distributed team and rely heavily on electronic
communication
- Continually research the current threat landscape and tactics as it
applies to team focus
- Review incidents handled by analysts to ensure quality
- Track and drive to closure all incidents
- Identify, derive, and maintain metrics that impact service quality; drive
continuous improvement
- Advise management on the effectiveness of established operating
procedures and recommend modifications where appropriate

*Job Requirements*

Required Skills

- Previous operational experience in a CSIRT, CIRT, SOC, or CERT
- Foundational understanding of tactics used by APT, cyber crime and other
associated threat groups
- Expert understanding of network communications (TCP/IP fundamentals, HTTP
basics)
- Expert understanding of multiple operating systems such as Linux,
Solaris, BSD, or Windows
- Expert understanding of intrusion detection systems (e.g. Snort,
Suricata) and tools (e.g. tcpdump, Wireshark)
- Practical experience with security incident response
- Security Incident Management: analysis, detection and handling of
security events
- Comprehension of how attacks exploit operating systems and protocols
- Must understand how to analyze network traffic for suspicious and
malicious activity
- Hands-on experience with other security technologies:
  - Next-Gen Intrusion Detection Systems: FireEye, Damballa, or Palo Alto
    WildFire
  - Security Information & Event Management (SIEM): ArcSight, Splunk,
    QRadar, etc.
  - Packet capture technologies: NetWitness, Solera, Moloch, or at a
    minimum, Wireshark or tcpdump
- Scripting experience with one or more of the following: Perl, Bash,
PowerShell, Python
- Ability to write technical documentation and present technical briefings
to varying audiences
- Ability to work with a globally distributed team and rely heavily on
electronic communication
- Ability to travel as needed to support the corporate objectives.

Desired Skills

- Experience with the Cyber Kill Chain framework
- Experience with the Network Security Monitoring methodologies
- Ability to reverse engineer malware
- Experience with Security Intelligence or Intelligence Analysis
- Experience in Ethical Hacking or Red Team
- Hands-on experience with forensics tools such as Mandiant Intelligent
Response (MIR)
- Experience with vulnerability scanners such as: Qualys, nCircle, Nessus
- Experience with Data Loss Prevention tools such as: Vontu, McAfee DLP,
OpenDLP

*Education and Experience*

- Experience: 9-12 years of information security experience is expected;
at least 5 years of experience in security monitoring, digital forensic
analysis, or incident response is preferred.




Thanks and Regards,

Kalyan K
Technical Recruiter,
HCL Global Systems Inc,
Email: r...@hclglobal.com
Desk: 248-473-0720*167
Yahoo ID / Gtalk: kalyan.recruiter7

-- 
You received this message because you are subscribed to the Google Groups "SAP 
Resource Center" group.