We are seeking a contractor to assist in enhancing our Security Operations Center in Menlo Park, CA. This individual will lead the development of SOC procedures to maximize efficiency, optimize current security tools, and minimize risk, impact, and disruption to users. Areas of focus will include threat hunting, remediation, incident response, forensic procedures, and optimization of security tools. The consultant will work primarily with the Information Security team, but will be working closely with the technical support, IT operations, and networking teams to develop and implement procedures.
The candidate should possess a deep understanding of how malicious activity presents and is reported, of the characterization and forensic engineering of compromised systems, and of operations security, compliance, mitigation, and analysis using tools that detect advanced threats. Experience with incident response is critical for this role, as is the ability to assess risk from information on IOCs and vulnerabilities.
• Assist information security and technical support teams with development and implementation of customized incident response procedures.
• Develop daily SOC and threat hunting processes using current SIEM, EDR, and other security tools.
• Help develop a risk determination method for analyzing potential threats.
• Advise and create remediation procedures designed to minimize impact and user disruptions.
• Develop procedures for technical and forensic investigation, including damage determination and analysis.
• Automate implementation of support processes to increase the efficiency of the information security and operations teams.
• Assist in the development and review of clear and easily understood application and process documentation consistent with department standards.
• Assist with mapping SOC and incident response procedures to the relevant NIST control requirements.
• Provide guidance on optimization of current security tools.
• Identify and suggest solutions for gaps in the current Information Security program.
• 4-8 years of experience in Information Systems Security.
• At least 5 years of experience working in a SOC environment.
• Experience responding to a variety of security incidents.
• Computer forensic skills are a plus.
• Bachelor’s degree in Computer Science or Information Systems, or equivalent, required.
• CISSP certification preferred.
• Experience in the management and troubleshooting of large enterprise applications.
• Broad background in enterprise security technologies and integration strategies around application deployment.
• Proficient with Splunk, including Splunk Enterprise.
• Proficient with Tenable Security Center.
• Proficient with CrowdStrike EDR.
• Proficient with macOS, Windows, and Linux.
• Experience with CASB solutions is a plus.
• Well versed in using vulnerability assessment tools and analyzing the results generated from these assessments.
• Knowledge and experience with information security program requirements related to NIST (800-53 / 800-171), FISMA, CUI, Federal government agencies, etc.
• Must have the ability to conduct validation testing using automated assessment tools.
• Must possess excellent communication, organizational, and customer service skills.
• Technical knowledge of computer and network hardware and software systems.
• Specialized knowledge in areas such as computer forensic investigations, systems security administration, design and implementation, data recovery, and network security controls.
• Experience working with organizations involved in US Government contract work is a plus.
If you are interested in applying, please email me at IBarba (at) advantageresourcing.com, call 408-367-1477, or click the “Apply” button.