The Internet has a team. Come join it!! VeriSign, Inc. operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the nameservers for .com, .net and other top-level domains as well as many country-code top-level domains. Using our global infrastructure, Verisign processes over 60 billion interactions each day, more than three times the number of phone calls made in the United States daily. Verisign helps registrars expand markets and increase renewals with critical technology and unmatched experience. Verisign also offers a range of security services, including managed DNS, Distributed Denial of Service (DDOS) mitigation and cyber-threat reporting.
Functional Responsibilities and Skills:
- Manage all aspects of the security incident response process including but not limited to communication, analysis, containment, mitigation and root cause analysis.
- Perform forensic analysis and reporting on affected systems
- Perform day to day analysis of logs, enterprise threats and vulnerabilities including tracking of daily/weekly/monthly/yearly incidents.
- Create & update custom scripts to perform automated tasks.
- Create & update incident response policies, standards, & procedures.
- Demonstrate a thorough understanding of complex information systems and apply it to situations. Use extensive knowledge of the security industry to identify technological developments and evaluate impacts on VeriSign's business.
- Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services.
- Candidate must be able to handle multiple tasks simultaneously.
- Must have excellent verbal and written communications
- Knowledgeable with the concepts and is an expert in the area of Information Security incident response.
- Development of large corporation (Fortune 500) processes and procedures for security best practices.
- Detailed knowledge of scanners (such as Qualys, Nessus, Nmap, etc.) as well as forensic tools (such as EnCase, Coroner's Toolkit, Autopsy, Knoppix, etc.) is a must.
- Experience with identifying & validating application layer security issues on various operating systems (such as Linux, Solaris, Windows XP/2000/2003/Vista), appliances (such as firewalls, routers, switches) and applications (such as web servers, e-mail servers, etc).
- Comprehensive understanding of denial of service attack mitigation and malcode propogation & mitigation.
- Thorough understanding of TCP/IP suite protocols.
- 7 years experience.
- 5 years of Information Security forensics experience in operating systems & applications.
- 7 years of experience in the Fortune 500 IT security field dealing with TCP/IP, firewalls, IDS, Unix security/administration, encryption, authentication, and authorization technology (i.e., VPN, IPSEC, PKI, SSL, and SSH)
- Thorough understanding of general forensics concepts such as "chain of custody" and familiarity with related requirements to pursue legal action in a court of law.
- Capable of writing scripts to automate various processes.
- Demonstrated ability to write report and to participate in presentations
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Qualified candidates should have the right balance of leadership, problem solving abilities and operations skills.
- Knowledge of Intrusion Detection software is a plus.
- Occasional travel is a requirement.
Bachelor or Masters in Computer Science or related field