The Information Security Engineer/SOC Analyst (CISSP, CEH, GSEC Certified), under the direction of the Director of Information Security, is responsible for the protection of the company’s physical and non-physical Information Technology assets. This will be an Engineering position in the Security Operations Center (SOC) as one of the SOC Analysts. This position would focus on the support and investigations of our corporate-wide SEM (Security Event Monitoring) system, Investigations, Incident Response, Threat & Malware Analysis, Forensics and vulnerability remediation. This includes monitoring and security for, but is not limited to, network equipment, servers, desktop and laptop computers, software, and electronic information.
Computer Security Incident Response - Must be able to analyze output from various technologies in order to effectively investigate security incidents.
Applicants need to be able to determine not only the root cause and the damage caused, but also the methods utilized by the intruder, as well as the ongoing potential risk and exposure to the breached system and to the greater client environment. Candidates must be able to analyze event logs/system logs (both independently and within a SIEM) from Windows Operating Systems, Unix/Linux Operating Systems, and Cisco PIX/Switches/Routers, as well as Wireshark/Ethereal network captures. Candidates should have experience in growing or building out an Incident Response team.
Malware Analysis - Experience performing forensic analysis of Windows systems to identify and evaluate malware-related compromise artifacts.
Computer Forensics - Skilled in the use of Guidance Software EnCase and FTK Forensic Tool Kit; 2+ years of experience requested. Candidates should have experience with both standalone and enterprise versions of forensic tools.
Experience and Education
BA/BS in related field preferred. Equivalent experience/certification acceptable.
4+ years of experience in technical information systems positions, with at least 2 years’ experience in a pure information security position (firewall engineer, IDS engineer, penetration tester, etc.)
CISSP or GSEC certification, or the ability to achieve certification within 6 months
CEH Certification a plus
Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis, and significant experience administering the operations of a complex security infrastructure.
Keyword: CISSP, CEH, GSEC certified
From: Kratos Defense
Kratos Defense - 8 months ago