SIRT Automation Lead

San Antonio, TX San Antonio TX 78299

Date : Feb-21-18

San Antonio, TX

Feb-21-18

Work Authorization

US Citizen
GC
H1B
GC EAD

Preferred Employment

Corp-Corp
W2-Permanent
W2-Contract
1099-Contract
Contract to Hire

Job Details

Experience

Architect

Rate/Salary ($)

Market

Duration

6 Months

Sp. Area

QA, Testing Automation

Sp. Skills

QA Lead

Consulting / Contract

Direct Client Requirement

Required Skills :

SIRT, SIEM, security

Preferred Skills :

SIRT, SIEM, security

Domain :

Work Authorization

US Citizen
GC
GC EAD
H1B

Preferred Employment

Corp-Corp
W2-Permanent
W2-Contract
1099-Contract
Contract to Hire

Job Details

Experience

Architect

Rate/Salary ($)

Market

Duration

6 Months

Sp. Area

QA, Testing Automation

Sp. Skills

QA Lead

Consulting / Contract

Direct Client Requirement

Required Skills :

SIRT, SIEM, security

Preferred Skills :

SIRT, SIEM, security

Domain :

IT-SCIENT LLC
Fremont, CA
Post Resume to
View Contact Details &
Apply for Job

Job Description :

Hello Everyone,
Please go through this urgent below requirement and if you have good /suitable Candidate ,Please let me know your interest ASAP.

Job Role: SIRT Automation Lead
Location: San Antonio, TX
Duration : 4 months
Minimum years of exprience :-10+ years

Job Discription:-
SIRT Automation Lead -

Minimum 10 years of Experience in security incident response, vulnerability management and security operations activities
Ability to work with minimal supervision, self-motivated and should be able to manage stakeholders
Excellent knowledge on using advanced incident analysis and investigation techniques for security incidents to contain and resolve them
Able to collect and analyze detailed host information through host monitoring tools – including command line tools as necessary
Experience working in a risk based environment including mitigation, planning and implementation.
Able to collect and analyze detailed enterprise logs using splunk, collecting logs of systems directly, experience with L1 malware analysis
Deep Understanding of common Attack Vectors DDoS attacks, Phishing Attacks, and Malware
Analyze Security related events, user submissions and detected alerts using SIEM and various native security tool management consoles.
Perform initial triage of same events using established processes to determine criticality, perform containment/corrective actions.
Record triage activities in security incident response system
Utilize SIEM tool Splunk effectively in triage events and Splunk search capabilities
Familiar and should possess multi-domain architectural knowledge/exposure is desired – Windows/Linux/Network/Proxies/Email gateway/Tanium/FireEye/Symantec, should be able to use tools such as Wireshark or equivalent tools, security alert monitoring using Splunk or other SIEM tools experience
Vulnerability scanning using Qualys or any other tool, experience with vulnerability remediation activities, qualify new vulnerabilities and impact to the environment, patch governance activities
Others – Must be able to build relationships with internal/external stakeholders and achieve the security incident resolution; Should be comfortable to work with onsite/offshore teams and provide technical guidance/leadership to offshore teams
Articulate Client requirement to internal team/developers to arrive defined scope of the project.