Reference #: 18-01781
Title: Information Security Systems Administrator
Start Date / End Date: 19-11-2018 to 31-05-2019
Information Security Systems Supervisor Job Announcement
• Execute incident handling functions and respond directly to security incidents affecting DES.
• Propose and coordinate incident response plans
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable containment of the threats and an expeditious remediation
• Clearly document/communicate processes and findings to both technical and executive audiences
• Identify gaps and bottlenecks in remediation processes, develop metrics around them, and provide process improvement recommendations.
• Support security reviews/vulnerability risk assessments of network environments
• Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
• Recognize and organize attacker tools, tactics, and procedures (TTPs) and indicators of compromise (IOCs) that can be applied to current and future investigations.
• Conduct ad-hoc incident analysis as needed
• Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
• Periodically assess the limitations of the existing methods and tools in the hunter/responder toolset and propose enhancements.
• Leverage threat intelligence, document threats as needed and share intelligence from analysis to further enhance service quality and delivery
• Coach less experienced members of the team in threat hunting and incident response topics
What you have:
• Minimum 8+ years' experience in Information Technology
• Minimum 5+ years' experience in Information Security
• Strong research background and an analytical approach
• Analytical security certification or demonstrable equivalent experience required
• Proven experience analyzing pen test findings
• Strong background and experience with vulnerability scanners such as Qualys or Nessus.
• Develop and improve KPIs, metrics, and trending for vulnerability management functions.
• This role requires experience effectively communicating event details and technical analysis to technical audiences and stakeholders on the client side.
• Strong analytical and problem-solving skills
• Ability to multi-task and prioritize workload
• Solid understanding of the TCP/IP protocol suite, security architecture, and security techniques/products.
• Experience with various security management tools (Vulnerability Management, Configuration Management, SIEM, etc.)
• Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
• Experience with various security monitoring and endpoint security tools
• Good understanding of the components of a threat intelligence capability
• Experience with a scripting language such as Perl, Ruby, Python, or Bash