Network Engineer Security Consultant
Posted: 2 weeks ago
The Security Support Specialist candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. The candidate, with 5+ years of direct industry experience, will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness and operational network system and application system security monitoring.
- SIEM (preferably QRadar or Splunk) experience in custom queries, searches, creating correlated alerts, and dashboard creation
- QRadar or similar SIEM experience from the perspective of creating searches and understanding how to pivot in the data fields to follow an investigation
- An understanding of how to mine IOCs and what to do with them.
- Understanding of what APTs and FOs (Focused Operators) are and how they work
- Event/Incident research specifically as it ties into APTs and FOs
- Understanding of the APT Kill Chain
- An understanding of Hacker/APT TTPs
- An understanding and analysis of event logging from many different devices
- Knowledge of Packet Analysis
- Experience in Carbon Black, Blue Coat proxy, FireEye, Bightsite
- Understanding of malware and malware behavior
- Develop and distribute information and alerts on required corrective actions to the organization.
- Work closely with Vulnerability Management teams
- Good technical knowledge of implementing security solutions using Cisco routers and switches
- Excellent knowledge of and experience in security-related technologies to design and implement IDS/IPS, content filtering solutions, encryption protocols and technologies
- Independent/Team worker
• Security+, GCIA, CEH, SIEM training
• CISSP is preferred.