Job Description:
Full Name
Contact Number
Email/Skype ID (As applicable)
Current Location
Work Authorization
Last 4 digits of SSN
Preferred Time to Call and Interview (with Time zone)
LinkedIn ID (If applicable)
Photo ID card copy
Type of Contractor (W2 or Non W2)
Salary
Expected Timelines to join
Visa type/ duration
Relocation Willingness
Position: Security Analyst
Location: Concord, CA
Duration: 6+ months
Working Hours: Mon-Fri (2pm-10pm PST)
Job Description
TOP SKILLS:
1. Prior Incident Response experience
2. Cyber Threat Experience
3. Strong networking skills
4. Prior SIEM experience
Position Summary
Currently located in Concord, CA, this position is in our Security Intelligence and Operations Center and is responsible for monitoring, detecting, and responding to cybersecurity activity across “Client’s” telecommunication and data computing infrastructure. Response could include but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units. This position requires the ability to think analytically, work collaboratively, and document all work being performed.
Monitor incoming event queues for potential security incidents; identify and act on anomalous network activity
Perform thorough analysis of APT/nation-state attacks and anomalous network behavior
Provide detailed analysis and documentation, with a strong understanding of attack vectors, persistence mechanisms, and detection-avoidance tactics
Perform proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events
Perform hunting for malicious activity across the network and digital assets
Perform detailed investigation and response activities to assist in identification, containment, eradication and recovery actions for potential security incidents
Perform complex malware analysis through endpoint and network traffic forensics to determine whether PG&E systems are impacted
Develop innovative monitoring and detection solutions using “Client” tools and other skillsets such as scripting
Work with Security engineering team to analyze SIEM use cases
Recommend implementation of counter-measures or mitigating controls
Ensure all pertinent information is obtained to allow identification, containment, eradication, and recovery actions to occur in a time-sensitive environment
Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activity
Mentor junior staff in cybersecurity techniques and processes
Create and continuously improve standard operating procedures used by the SIOC
Monitor external event sources for security intelligence and actionable incidents
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the IT organization as well as business units
Must comply with any regulatory requirements
Minimum Qualifications:
Bachelor's degree in Computer Science or related field, or equivalent work experience
6 years of relevant work experience within security information technology
Prior experience in Computer Incident Response team (CIRT)/Computer Emergency Response team (CERT), or a Security Operations Center (SOC)
Extensive experience in network security monitoring, network packet analysis, host and server forensics
Desired Qualifications:
Utility Industry experience
Prior SIEM experience – Security Information & Event Management system, log aggregation and event notification tool such as IBM QRadar
SANS certification such as GREM, GCFA, GNFA, EnCE or related
Familiarity with regulatory requirements such as NERC/CIP, NIST, SOX etc.
Extensive experience with well-known industry and open source network and/or host forensic tools
Knowledge, Skills and Abilities:
Strong technical skills including malware reverse engineering, memory forensics, live response techniques, registry analysis
Strong networking knowledge – TCP/IP protocols, OSI model, Firewalls and other networking devices
Strong case management and forensic procedural skills
Strong customer service skills and decision-making skills
Good analytical skills – ability to analyze and think out of the box when working a security event
Experience with scripting languages such as Python, Perl, PowerShell
Self-motivated, methodical and detail oriented