CISSP Jobs - Cyber-Security Operational Support Specialist, 13098

at Spectraforce
Location Princeton, NJ
Date Posted February 19, 2019
Category Default
Job Type Contractor

Description




Title: Cyber-Security Operational Support Specialist

Duration: 6 month (with possible extension)

Location: Princeton NJ 08543

Job Description:

 Position needed for Cyber Threat Operations capabilities

 Level 2 Cybersecurity Analyst (Incident Response/SIEM/Malware Analysis/Network Packet Analysis)

 Seeking an experienced Level 2 cybersecurity analyst to serve as a consultant performing incident response triage and analysis using network security tools in a CIRT/SOC environment. Primary tools capabilities include Endpoint Detection and Response (EDR), Network Full Packet Capture, Malware Sandbox, and SIEM

Responsibilities

 Level 2 advanced member of cyber threat operations team that is responsible for detection and response for advanced threats. Recognizes and identifies potential threats to the network and systems connected to the network from the Internet and Intranet.

 Operates, documents, and maintains security controls. Monitors for, and investigates potential security breaches. The team also reviews internal and external network traffic to create policies that intercept Malware and other network attacks using network packet capture and other network IDS capabilities.

 Additionally the team is responsible for the infrastructure support, configuration, and use of the Endpoint Detection and Response (EDR) environment, to detect and respond to advanced threats.

 Second-level support to review, triage, analyze, and respond to alerts received in SIEM and other cyber security detection tools

 Proactively review network data packets for potential attacks

 Malware analysis as appropriate

 Support forensic investigations as appropriate

Work Experience/ Skills Required

 Minimum of 3 years of InfoSec experience, preferably in a CIRT/SOC environment

 Minimum of 3 years but prefer 5+ years of Networking, TCP/IP, switching/routing/firewall experience.

 Minimum of 2 years but prefer 5 years of Network analysis, with a focus on security, tcpdump, windump, wireshark.

 Experience with host-based triage, forensics, and malware analysis using Endpoint Detection and Response (EDR) tool

 Experience analyzing network traffic with network monitoring toolset

 Experience analyzing log events and alerts in a SIEM environment

 Experience using a malware sandbox

 Experience with cyber incident response

 Experience with software and OS vulnerability, CVE, patch and threat analysis

Other requirements

 Experience with CVEs, patch analysis, threat analysis

 Written and verbal communication at a level appropriate for customer interaction/visibility

 Bachelor’s degree in a technical discipline is strongly preferred but will look at candidates with equivalent experience

Helpful industry certifications

 CISSP, SANS GIAC (GCIA, GCIH, GCFA, GNFA), CCIE, CCNA, CEH, Security+, Network+, and other security vendor specific certs.