Information Security Analyst

TEKsystems San Jose, CA

  • Posted: over a month ago
  • Full-Time
  • Benefits: 401k, dental, medical, vision
Job Description

Information Security Analyst

(100% remote; must work in PST or MST time zone)

Top Skills:

  • Experience using a SIEM tool (preferably Splunk) - Must be able to run a query in the tool
  • Experience working with digital forensic and incident investigation tools (preferably FTK)
  • Solid understanding both technically and functionally of AD, DNS, & DHCP, Group Policy, Security (including SID, GUID, permissions & NTFS) required

Job Description:

The Senior Analyst will be responsible for performing Digital Forensic Examinations and Incident Investigations on systems across multiple locations in the organization. Reporting to regional management in San Jose, CA, the successful candidate will be functionally aligned with the Global Information Security Team (InfoSec) reporting to the Sr Director of Information Security. The role is aligned with delivering on Threat & Malware Mitigations: execute processes for remediation, awareness, monitoring and reporting.

  • Strong communication skills with all levels of the business on security issues are critical to ensure the company’s information assets are properly protected
  • The company’s predominant client platform is Microsoft Windows 10. The ideal candidate will provide expertise in Windows desktop security environments
  • This position is highly technical and has an approximate split of 80% daily technical work, and 20% collaboration focus

Primary Responsibilities:

  • The ideal candidate will be responsible for managing information security incident and forensic investigations on all types of information systems
  • Work closely with both Operational groups and InfoSec members to promptly analyze and recover information systems within the organization to a specified service level agreement
  • Act as the interface to other technical and managerial staff and other groups within the organization in relation to specific incidents
  • Review and apply the strategy, policies, procedures, tools and techniques relating to incident response and management activities
  • Develop, implement and maintain procedures and techniques for responding to and managing information security incident activities and their deliverables
  • Correctly identify the range of response actions that may be used to mitigate information security incidents
  • Ensure that incident management teams remain focused on resolving incidents and have clear priorities
  • Take decisive and timely action in the event of incidents impacting the integrity of information systems
  • Develop and maintain organizational capability in incident response and management

Additional Skills & Qualifications:

  • Certification is desirable
  • SANS FOR408 certification GIAC Certified Forensic Examiner (GCFE)
  • SANS FOR508 certification GIAC Certified Forensic Analyst (GCFA)
  • GSEC, GCIH, GCIA, GCWN, CEH or similar security certifications preferred
  • CISSP or similar security certification
  • Experience with GRR Investigative tools (Google Rapid Response) desirable
  • Experience with Splunk Required
  • Experience with Volatility for Memory Analysis desirable
  • Experience with SIEM tool Desired
  • PKI and certificates experience a plus
  • Strong experience with Windows, including 2+ years Windows Forensics Required
  • Experience analyzing Malicious Software
  • Experience with packet-based analysis of protocols desired
  • Experience in networking concepts and services such as VPN, IPSec, PKI and TCP/IP required
  • Experience with SNORT signature required
  • Experience with infrastructure firewalls, VPNs and Proxies required
  • 5+ years minimum experience of system administration of the Microsoft Windows environment, specifically with Windows 10 and Windows Server.
  • Experience of using VMware Workstation or other virtualization software
  • Solid understanding both technically and functionally of AD, DNS, & DHCP, Group Policy, Security (including SID, GUID, permissions & NTFS) required
  • Experience of McAfee’s tools and Management software (ePolicy Orchestrator desired)
  • Knowledge in Windows SCCM required
  • Experience of using Malware Remediation Tools required
  • Experience with PenTest Tools (Nessus, Metasploit, BackTrack) desired

TEKsystems

Why Work Here?
Good for people who like break/fix work, looking for issues, how to fix it

Address

San Jose, CA
USA

Industry

Technology
