Description:
Working in a dynamic environment with smart, fun people, you will work on a variety of InfoSec technologies and have a wide range of duties to perform.
Some of the duties will include:
- Provide IDS monitoring, log analysis and incident response to information security alerts.
- Analyze log files, network traffic and IDS alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.
- Launch and track investigations to resolution. Advise on the steps to take to investigate and resolve computer security incidents.
- Recommend IDS filters to eliminate false positives. In addition, perform daily reviews of IT security news postings reporting exploits in the wild and potential zero-day exploits.
- Perform highly complex analysis and technical tasks involving event detection and rapid response across various environments of the enterprise.
- Design, implement and support integration of information security solutions including security architectures, firewall administration, integrating security products, and developing and coordinating security implementation plans.
- Work with senior management to determine acceptable levels of risk for enterprise computing platforms and to discuss security implications of new information technology uses being considered.
- Investigate, document and report any actual or potential information security violation.
- Lead computer forensic analysis, cyber-crime investigation, incident emergency response and investigations.
Experience and skills should include:
- 2-5 years' experience working in a 24×7 Security Operations Center (SOC) environment.
- Hands-on configuration experience with a Security Incident and Event Management platform.
- Experience using: Splunk Enterprise Security, IDS, FireEye, Cisco Sourcefire, Imperva WAF.