Security Analyst (EnCE/OSCP/CISSP) with monitoring, incident response, SIEM, network protocols, architecture, Bro/Suricata/Sourcefire/Snort/Wireshark, Perl/Python/PowerShell/Bash, operating/integrating information security tools and SANS experience

Job id : MI-571536 (98590806)

Location: 7150 Harris Dr, Dimondale, MI 48821 (DTMB- MCS)
Duration: 12 months
Interview – IN PERSON ONLY

Skill | Required / Desired | Amount of Experience
In-depth knowledge of security monitoring and incident response | Required | 5 Years
Knowledge of conducting security investigations | Required | 5 Years
Experience with using and customizing SIEM products | Desired | 5 Years
Solid understanding of network protocols and architecture | Required | 5 Years
Demonstrated experience performing digital forensics and incident response using industry-leading tools | Required | 5 Years
Experience with network intrusion detection and analysis tools such as Bro, Suricata, Sourcefire, Snort and Wireshark | Required | 5 Years
Experience solving problems with scripting languages such as Perl, Python, PowerShell or Bash | Required | 5 Years
Demonstrated experience operating information security tools | Required | 5 Years
Demonstrated experience integrating information security tools | Required | 5 Years
Understanding of the tactics, techniques and procedures of advanced attackers | Required | 5 Years
Ability to leverage multiple forms of communication to articulate complex concepts to technical and non-technical staff, including senior management | Required | 5 Years
SANS Training | Desired |
EnCase Certified Examiner (EnCE) | Desired |
Offensive Security Certified Professional (OSCP) | Desired |
CISSP | Desired |
3-5 years of experience in Security Operations and Incident Response | Required | 3 Years

Years of Experience:
5 or more years of experience in the field.

Job Description:
• Member of the Michigan Security Operations Center (MiSOC) and will focus on Incident Response.
• Identify security issues and risks associated with security events and manage the incident response process.
• Participate in the incident response and investigation process for identified security events.
• Use the Security Incident Event Management (SIEM) platform (IBM’s QRadar) to perform Incident Response identification and response.
• Perform network and system forensics in response to security incidents.
• Optimize and customize security-monitoring tools to improve detection.
• Hunt for signs of APT activities.
• Maintain and update the security operational workflow.

MI_E-RTR_571536.doc

MI_Resume_Template-571536.doc
