Job Description:

VDart is an IT staffing firm based in Atlanta, GA, specializing in Digital & Emerging technologies. Founded in 2007, VDart has over 1700 employees and contractors spread across 3 continents. We specialize in providing Fortune 1000 companies with niche, hard-to-find skills in technologies including Social, Mobile, Big Data Analytics, Cloud, Machine Learning, and Artificial Intelligence. With delivery centers in the UK, Mexico, Canada and India, we provide talent solutions to global customers covering EMEA, APAC & the Americas. We provide deep technology and domain expertise in the BFSI, Energy & Utility, Technology, and CPG & Retail industry verticals. VDart is an award-winning organization recognized on the Inc 500 Hall of Fame; Atlanta Business Chronicle's Fastest Growing Companies; NMSDC's National Supplier of the Year; Ernst & Young's Regional Entrepreneur of the Year; and more.

Job Title: Senior Information Security Analyst
Location: San Francisco, CA
Duration: Contract

Job Function Summary:
This position supports the Client's IT Security group, which develops, communicates and supports University-wide information security policies and programs that ensure the confidentiality, integrity, and availability of Client Electronic Information Resources (EIRs). This position reports directly to the Information Security Incident Response Manager. The position is responsible for day-to-day event and incident monitoring, threat detection and data correlation, and incident response spanning a wide range of security monitoring tools. The Senior Security Analyst will also assist with collecting potential breach evidence, participate in network and host forensic analysis, and follow up with incident remediation activities. Written and verbal communication skills are required to correlate detailed technical findings with risk to the enterprise and to provide a clear path to remediation activities.
This position requires a detail-oriented individual with strong analytical and critical thinking skills. Candidate must be familiar with identifying abnormal network traffic and system activity. Candidate must be accustomed to correlating data across multiple systems and tools in order to identify the likelihood of compromise. Must have expert understanding of enterprise networks, applications and distributed systems in a healthcare environment. Familiarity with cloud environments and applications in the SaaS, IaaS and PaaS technology areas is required.

This position serves as a technical escalation point for junior security analyst team members, responding to team member analysis with constructive feedback and course correction. The Senior Security Analyst will review junior team member findings (when applicable) to ensure accuracy, assist with investigation next steps, and assist with overseeing major incidents. The Senior Security Analyst may at times lead security incident investigations at CLIENT, requiring task delegation and follow-up with junior team members.

This position is responsible for presenting and briefing non-IT CLIENT departments (such as Privacy, Legal, Risk, and Leadership) on security incidents and investigations. The Senior Security Analyst is required to summarize the incident, provide remediation recommendations, and state a probability-of-compromise risk level to these non-IT teams.

Generic Scope:
Technical leader with a high degree of knowledge in the overall field and recognized expertise in specific areas; problem-solving frequently requires analysis of unique issues/problems without precedent and/or structure. May manage programs that include formulating strategies and administering policies, processes, and resources; functions with a high degree of autonomy.
Custom Scope:
Applies skills as a Senior Information Security Analyst in order to monitor, detect, report, and remediate threats to the CLIENT infrastructure, its assets, and its data. Responsible for detailed analysis of alerts and potential threats as well as data correlation and corroboration across a variety of network and host monitoring and threat detection tools. Responsible for clearly documenting the event, the threat, and the IR actions taken and/or recommended. Responsible for leading security incident investigations requiring task delegation and follow-up with junior team members.

Department Overview:
The Client IT Security group's responsibilities include, but are not limited to:
- Incident response and forensic analysis
- Threat hunting and event analysis
- Establishing policies and standards for information security
- Providing guidance and conducting risk assessments of systems and solutions
- Governance and compliance
- Architecting secure business solutions
- Architecting threat detection, security monitoring and forensic solutions
- Outreach and security awareness training and education
- E-Discovery service
- Endpoint security solutions, such as encryption and anti-virus

Key Responsibilities:
- Perform technical incident response activity
- Lead or co-lead security incident investigations; direct junior analysts with IR tasks, evidence collection, mitigation steps and data correlation
- Serve as an escalation point for junior analyst findings
- Participate in forensic activity and produce reports in response to highly complex or broad-scale security incidents in accordance with campus, medical center or Office of the President policy
- May lead a team of IT security professionals
- Apply advanced IT security concepts, governmental regulations, and departmental and campus, medical center or Office of the President policies and procedures to provide input to, define or revise incident response processes
- Present findings and correlations to IT Security and IT Security Leadership
- Develop and assist with automation and incident response process improvements
- Threat and attack research
- Duties as assigned

Knowledge, Skills and Abilities (KSAs):
- Substantial experience with incident response and digital forensics, including data collection, examination and analysis of a variety of sources
- Expert skill at reading and interpreting security logs, as well as analyzing and correlating logs for evidence of security breaches
- Knowledge of the Cyber Kill Chain and ability to recognize mitigations and containment steps at each stage of an attack
- Expert experience using IT security systems and tools such as SIEM, syslog, network threat detection, and malware analysis
- Demonstrated expert skill applying security controls to computer software and hardware
- Demonstrated expert skill at administering complex security controls and configurations for computer hardware, software and networks
- Expert knowledge of enterprise computer hardware, software, cloud and network security issues, architectures and approaches
- Ability to clearly and completely summarize a security event, directed investigation steps, and potential risk to the organization
- Ability to follow department processes and procedures
- Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
- Detail-oriented recording of investigation notes, correlation logic, and determination of compromise
- Knowledge of other areas of IT, department processes and procedures
- Understanding of privacy and legal issues in a regulated higher-education healthcare environment
- Understanding of industry trends and threats
- Strong interpersonal communication skills to work with colleagues and customers who have a wide range of technical skills and knowledge

OS: Windows, Unix, OSX, VMWare
Office: MS Suite
Security Tools: enterprise-scale signature-based host security suites, network vulnerability scanning, web application vulnerability scanning, host intrusion detection systems, system monitoring, security information and event management logging, network-based malware sandbox threat detection, IDS/IPS, enterprise firewalling
Forensic Tools: Forensic Case Management, eDiscovery Tools, Disk Forensic Tools, Memory Forensic Tools, Forensic Image Mounting, Forensic Imaging Tools
Enterprise IT: Distributed system technologies, load balancers, storage systems, enterprise email systems, web applications, cloud services, virtualization technologies, enterprise networking systems, enterprise firewalls

Education, Licenses and Certifications:
- 3 or more years' experience in a dedicated Incident Response/Information Security Analyst role (part of the responsibility should have included responding or assisting with responding to incidents involving security risks, vulnerabilities, and breaches)
- Bachelor's degree in a related area and/or equivalent experience/training
Certifications:
Relevant security certifications (GCIH, GCIA, GCED, CISSP, OSCP, CCSP, CCSK, or other GIAC)

Problem Solving:
Common problems solved by the employee:
- Alert and event correlation across multiple IT/IT Security monitoring tools
- Summarize the incident, define risk, and take next steps based on risk of compromise to CLIENT assets, or lead junior team members to take next steps based on risk of compromise to CLIENT assets
- Clearly communicate investigation results and oversee mitigation and remediation efforts
- Determine the actions of malware by interpreting network traffic and event data and performing malware analysis

Less frequent and more complex problems solved by the employee:
- Participate in deep host-based forensics and malware analysis to accurately summarize what malicious actions took place on a host
- Lead a major incident from onset through response, recovery, and after-action events

Problems/situations that are referred to this employee's supervisor:
- Incidents in which restricted data compromise is discovered

If your skills match these requirements, please send your resume to for immediate consideration. Please be assured that your resume will be reviewed and you will be contacted if there is interest in your background and experience. Candidates should e-mail their resume to the address above. Be sure to reference the job number and title in the subject line.

Referral Program: Ask our recruiting team about how you can be a part of our referral program. If you refer a candidate with this background and the candidate accepts the role, our team pays a generous referral bonus. We are keen on networking and establishing a long-term, mutually beneficial partnership with you.

We are an Equal Employment Opportunity Employer.

VDart Inc, Alpharetta, GA
Follow us on Twitter for the hottest positions: @VDart_Jobs
Follow us on Twitter: @vdartinc