Security Engineer

Washington, DC | Contract to Hire

Post Date: 08/16/2018 Job ID: 226931 Industry: IT



Security Engineer

Description:

  • The successful candidate must be well-versed in security operations, cyber security tools and intrusion detection.

  • You will be responsible for coordinating resources across the enterprise and consolidating log data into a centralized repository (LogRythym/ Splunk) where they will be correlated, analyzed and enriched by other threat analysts to identify Indicators of Compromises (IOCs), Advanced Persistent Threat (APT) and other unauthorized activities on the network.

  • Provide proactive event monitoring/event management/configuration of the following security tools for targeted threats and malicious activity including but not limited to: Splunk, FireEye, McAfee EPO, WebSense, Symantec A/V, PhishMe, and WireShark.

  • Determine if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation and notify team lead or designate within 15 minutes

  • Review audit logs and identify any unusual or suspect behavior

  • Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks

  • Develop and execute custom scripts to identify host-based indicators of compromise

  • Provide proactive APT hunting, incident response support, and advanced analytic capabilities

  • Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH)

  • Proactively monitor SOC provided tools.

  • Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises Handle incident escalations as necessary from other analysts. Manage incident responses and coordinate remediation with customers

 

Required skills:

  • 3+ years working in an Enterprise-level IT security department –

  • 3+ years of Splunk experience including implementation, administration, planning deploying, monitoring, troubleshooting, reporting and dashboards

  • 3+ years security related tools experience including FireEye (HX, NX, EX), WebSense, Symantec EndPoint Protection, and McAfee ePO.

  • Proficient using PCAP

  • Knowledge of threat detection and analysis protocols.

  • Must be able to collaborate in a team atmosphere and communicate through various technology channels with other team members and end users.

  • Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent written and oral communications.

  • Detail Oriented

  • Scripting Language Experience (PowerShell, Python, or something similar)

  • Knowledge of network, network protocols, and OSI model. Must be able to differentiate the between what layer 2 switch, layer 3 router, and the application layer.

  • Knowledge of LINUX and Windows 7 and 10, and VDI.

 
Apply Online
Apply with Facebook Apply with LinkedIn

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: