Security and Intrusion Detection Analyst
Alvarez & Marsal - Dallas, TX


Alvarez & Marsal (“A&M”) is a global professional services firm that assists clients ranging from global enterprises to middle market companies, both publicly held and privately owned, as well as large and mid-cap private equity firms, corporate management and boards of directors. A&M applies its capabilities across industries, with dedicated expertise in financial services, healthcare, real estate and the public sector, from its offices around the world. The Forensic Technology practice focuses on computer forensics, electronic discovery, data-mining and security consultative services.

Our Clients include:

• 98% of AmLaw 100 firms

• 25% of the S&P 500

• 11 of the FTSE 100

• 300+ mid- and large-Cap private equity firms

• 50% of all Fortune 100 companies

• 20% of Fortune Global 500 companies

• 18 of 20 of the largest banks in the U.S.

The Forensic Technology practice is looking for a full-time data security and intrusion detection analyst to work out of the practice’s datacenter operations facility located in Dallas, Texas. This position will focus on assisting the practice in defining, obtaining and maintaining SSAE 16 certification as well as other trusted site certifications as appropriate. Once established, this role will be expected to perform traffic analysis, intrusion analysis and detection of threats. Additional duties would include the authoring of security procedures. The ideal candidate is required to possess deep working knowledge of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), and the roles such systems play in detecting intrusion attempts and successfully protecting against such actions. The successful candidate will work directly with practice management to create custom intrusion signatures and to help detect specific network traffic and access anomalies. This requires comprehension of, and excellent experience with, most viruses and worms that may infiltrate and propagate throughout large networks. In addition, the individual must have experience in populating sensors with newly available signatures when responding to events or management requests.


• UAG administration and configuration

• Recognize publicly known attack traffic patterns.

• Tune IDS/IPS systems

• Create and modify IDS/IPS signatures

• Install/configure/administer Unix/Linux servers

• Recognize "known" and suspicious attack traffic patterns

• Determine/recommend new detection/prevention methods/capabilities

• Write/read regular expressions

• New vulnerability identification

• Write/modify SIEM correlation rules and define SIEM content

• Lead internal Incident Response

• Provide diagnosis and assist in drafting remediation strategies.

• Weekly reporting and monthly summaries of events with detailed information on critical alerts/incidents


• Familiarity with SSAE 16 certification requirements

• STIG Knowledge and Understanding

• Vulnerability Assessment

• Windows Server Administration

• Exchange Administration

• Storage Administration

• Qualys experience a plus

• Splunk experience a plus


Seven or more years of demonstrable perimeter security administration, server administration, intrusion detection & prevention and certification compliance.


• One or more GIAC certifications (preferred) OR

• CISSP certification and/or CompTIA certification


• Undergraduate degree in related field preferred

• Relevant experience will be considered as compensation for degree as appropriate


Commensurate based on experience and education.

Start Date


Alvarez & Marsal - 22 months ago