Job Description:
Need USC or GC (US citizen or green card holder) for this role.
Search can be done nationwide; candidates must be willing to relocate.
An onsite interview follows a telephone interview.
*Location:* Plano, TX
*Job:* Security: DLP Security Analyst (519375)
*Term:* 1 year CT+ minimum (long term)
*What I need to submit:* last 5 of SSN and DOB (MMDD); no logo on resume
- Hard requirements:
- Coding and scripting experience (any of the languages listed under Must
Haves): needed for platform integrations and for extracting particular
patterns of words/characters from content
- Web programming skills such as PHP are not what they are looking for
- RESTful APIs: needed to build integration points between platforms
- Will be overseeing and managing tools such as
- Endpoint Detection and Response (EDR)
- Data Loss Prevention (DLP)
- Other security applications
- They do not want an architect; they need a hands-on engineer/analyst who
can troubleshoot, perform L1-2 triage, and act as SME for Threat
Intelligence
- Enhancing existing platforms
- Identifying and containing incidents, remediating, and preventing future
intrusions
- Evaluate new technology in their domain
- Survey the landscape and be able to select technologies
- Threat Intelligence experience: experience handling threat intelligence
notifications
- Certifications: Microsoft certifications carry little weight, but CEH
(Certified Ethical Hacker) or similar would be of interest
*Must Haves:*
- A Bachelor's Degree in Computer Science or Engineering, or equivalent
experience
- Coding/Scripting experience (e.g. Python, Perl, PowerShell)
- Proven experience with creating Regular Expressions
- Experience with RESTful APIs and automation
- 1 Year of Symantec and/or McAfee DLP operational experience is
required; must have implemented and managed DLP; must possess strong
technical knowledge of DLP architecture, system policies, rules, etc.
- Strong verbal and written communications skills; must be able to
effectively communicate technical details and thoughts in
non-technical/general terminology to various levels of management
- Work well in team environments with internal and external resources as
well as work independently on tasks
- Strong organizational, multi-tasking, and time management skills
*Preferred / Nice-to-haves:*
- CISSP, CISA, CEH, OSCP, or other industry recognized security
certification(s)
- Cloud Access Security Broker (CASB) implementation and/or management
experience
- Next-generation anti-malware implementation and/or management
experience
- 1 year of Threat Intelligence administration experience: has used or
implemented such a program in some capacity, with an understanding of
incident response, analysis, rules, etc.
*What are the key objectives for this resource (project summary)?*
The key objectives for this Threat Analyst position are to expand threat
detection and prevention capabilities in existing and future Security
tools. The Analyst must be able to identify gaps in existing security
configurations and provide effective recommendations to improve, remediate,
and expand controls against cyber threats.
*Responsibilities include:*
- Oversee and manage:
- Endpoint Detection and Response (EDR) software
- Host and Network based Data Loss Prevention (DLP) software
- Email encryption software
- Anti-malware/Anti-virus software
- Other security applications
- Conduct analysis, troubleshooting, and trending of incidents/events
detected from Endpoint security solutions, DLP, and other security
applications
- Manage various deployed DLP technologies and their integration points
with Configuration Management Database (CMDB), Email infrastructure, LDAP
(e.g. Active Directory), etc.
- Create custom rules and tune existing rules, policies, alerts, etc.
within various security applications based on stakeholder needs or
situational conditions
- Conduct ongoing Threat Hunting exercises using existing security
applications
- Perform Level 2 & 3 triage and handling of security events (escalated
from Level 1 Security Analysts or other); includes but is not limited to
identification, containment, remediation, and reporting activities.
- Create new and enhance existing procedures to improve operational
efficiencies and reporting accuracy
- Develop detailed technical recommendations to solve current and future
security issues; identify protection gaps and propose effective mitigating
solutions
- Maintain awareness of emerging threats to data protection, system
integrity, and network availability
- Evaluate, design, architect, implement, and configure new security
products and technologies
- Develop, review, and maintain documentation for security systems and
procedures
- Expand Threat Intelligence program through integration, automation,
and enhanced workflows
- Analyze, evaluate, and communicate Threat Intelligence notifications
to reduce risk exposures and to defend against cyber attacks
*Ability to:*
- Take on new responsibilities and influence others as needed to deliver
consistent results
- Demonstrate strong analytical skills under varying conditions,