Date Posted: February 5, 2019
Pace Solutions is actively searching for a Network Security Analyst for a large, publicly traded company headquartered in Dallas, TX. The person in this position will act as the liaison between IT Operations and Security Operations for planning, implementing, and monitoring IT Security Programs company-wide. The ideal candidate is knowledgeable about the latest IT Security trends, including potential threats, vulnerabilities, attacks, and countermeasures. Additionally, the person in this position can tell potential IT Security threats apart from false alarms and advise incident response teams on the proper steps for investigating and resolving IT security incidents. Individuals possessing Professional IT Security Certifications, experience working with the Department of Homeland Security, and/or experience with Digital Media or Computer Forensics are strongly preferred!
- Manages Intrusion Detection System (IDS) and performs analyses of incidents from multiple sources for severity and risk.
- Leads by the art of influence by effectively communicating complex/technical issues with internal customers, external customers, and Senior Management.
- Identifies, reports and resolves security incidents. If incident cannot be resolved, determines appropriate resources needed to resolve. Creates and tracks investigations through resolution.
- Composes security alert notifications and deploys and maintains security controls within the network environment to help prevent and detect security events.
- Maintains up-to-date knowledge of information technology related trends, external threats, current vulnerabilities, attacks, and countermeasures as they are published from organizations such as ICS-CERT.
- Responsible for collection and tracking of metrics related to IT security.
- Develops and implements programs and routines in various scripting languages to improve and automate tasks.
- Acts as primary interface between users and IT operations and security operations.
- Participates in the planning and executing of contracted services with outside vendors (e.g., security monitoring and analytical services).
- Performs network traffic and log analyses.
- Bachelor's degree in Computer Science or a closely related field and four years related experience in Information Security, or equivalent.
- Requires the ability to perform analyses involving ratios, percentages and simple statistical methods.
- Experience on a computer incident response team (CIRT), computer emergency response team (CERT), computer security incident response center (CSIRC) or a security operations center (SOC).
- Experience with anti-virus, intrusion detection systems, firewalls, active directory, vulnerability assessment tools and other security tools found in large network environments; along with experience working with security information and event management (SIEM) solutions.
- Experience with vulnerability management, log management, analysis, and monitoring, virtual private networks, virtualization, firewalls, web application security concepts and intrusion detection/prevention systems.
- Shell scripting experience with awk, grep, sed, and Perl.
- Experience with syslog technologies (e.g., syslog-ng, rsyslog, Snare and SIEM technologies).
- Experience customizing syslog-ng filters based on key words, host names and destination paths.
- Strong technical background in operating systems (UNIX/Linux, Windows), internet applications (electronic mail, web, DNS/DHCP, TCP/IP), desktop software (Microsoft Office, virus detection programs), encryption (SSL, TLS, IPSEC) and networking hardware and software.
- Understanding of protocols and standards such as TCP/IP, LDAP and 802.1x and network management tools such as SNMP, and NIST.
- Knowledge of local and federal law enforcement practices, procedures, and evidential chain of custody, as related to IT security incidents.
- Strong knowledge of network packet analysis tools (e.g., Wireshark).
- Professional security certification (e.g., CEH, CISSP, ISSP, SSCP, GIAC, etc.) is a huge plus!