Job Description:
Monitor and advise on information security issues related to the agency's systems and workflows, to ensure that the agency's internal IT security controls are appropriate and operating as intended.

Years of Experience:
5 or more years of experience in the field.

Job Description:
- Member of the client's Security Operations Center (SOC), focused on incident response.
- Identify security issues and risks associated with security events and manage the incident response process.
- Participate in the incident response and investigation process for identified security events.
- Use the Security Information and Event Management (SIEM) platform (IBM QRadar) to identify and respond to incidents.
- Perform network and system forensics in response to security incidents.
- Optimize and customize security monitoring tools to improve detection.
- Hunt for signs of advanced persistent threat (APT) activity.
- Maintain and update the security operations workflow.

Required/Desired Skills

Skill                                                                                                    | Required/Desired | Amount of Experience
---------------------------------------------------------------------------------------------------------|------------------|---------------------
In-depth knowledge of security monitoring and incident response                                          | Required         | 5 years
Knowledge of conducting security investigations                                                          | Required         | 5 years
Experience using and customizing SIEM products                                                           | Desired          | 5 years
Solid understanding of network protocols and architecture                                                | Required         | 5 years
Demonstrated experience performing digital forensics and incident response using industry-leading tools  | Required         | 5 years
Experience with network intrusion detection and analysis tools such as Bro (now Zeek), Suricata, Sourcefire, Snort and Wireshark | Required | 5 years
Experience solving problems with scripting languages such as Perl, Python, PowerShell or Bash            | Required         | 5 years
Demonstrated experience operating information security tools                                             | Required         | 5 years
Demonstrated experience integrating information security tools                                           | Required         | 5 years
Understanding of the tactics, techniques and procedures (TTPs) of advanced attackers                     | Required         | 5 years
Ability to use multiple forms of communication to explain complex concepts to technical and non-technical staff, including senior management | Required | 5 years
SANS training                                                                                            | Desired          | -
EnCase Certified Examiner (EnCE)                                                                         | Desired          | -
Offensive Security Certified Professional (OSCP)                                                         | Desired          | -
CISSP                                                                                                    | Desired          | -
3-5 years of experience in Security Operations and Incident Response                                     | Required         | 3 years