Job Description

Do you love working within a dynamic team environment and gaining invaluable experience? Do you enjoy detecting and responding to information security events? This position will be a part of our Information Security Incident Response and Monitoring team, which is responsible for monitoring security events, and assisting with incident response activities. Candidates are expected to have previous experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc.

Job Description

PRIMARY RESPONSIBILITIES

* Monitor and respond to global security events utilizing state of the art security tools and managed services.

* Review and operate enterprise wide security platforms, investigate events using enterprise Security Information, Event Manager (SIEM) and various network forensic tools, and work with appropriate business units to remediate.

* Provide written summaries of security event indicators, recommend remediation activities, and other relevant information to business units.

* Prepare custom reports for a mixed technical and non-technical audience.

* Add /Remove log sources. Troubleshoot issues with log sources or systems with vendor, and report system defects as needed.

* Initiates automation as necessary to effectively manage system logs and security alarm reporting.

* Analyze security logs and investigate network and server security violations and intrusions.

* Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.

* Complete projects and tasks on an as needed basis.

QUALIFICATIONS

Required

* Technical knowledge and experience in operating system security and security best practices.

* Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defense-in-depth and common security elements.

* Analytical and problem solving skills related to networking, operating systems, and malware analysis.

* Demonstrated interest in computer security, incident response, or computer forensics.

* Experience with network monitoring tools to monitor attacks/threats preferred.

* Organization and documentation.

* Excellent written and verbal communication skills.

Preferred

* Bachelor's Degree in MIS, Computer Science or related field.

* Candidate has 2-3 years of experience in IT or related field.

* Experience in securing large enterprise networks.

* CISSP or other relevant security certifications.