Sr Contract Security Analyst
GOAHEAD SOLUTIONS LLC
Pleasanton, CA
- $80 to $100 Hourly
- Full-Time
Job Description
Seeking a Sr Security Analyst Consultant to lead staff in the implementation & execution of technical aspects of the client’s enterprise security plan. Will be the SME on security issues & projects so that ESEC team members can increase their security knowledge.
Duration: 12 months
Job type: Contract position
Location: Pleasanton or Vacaville (onsite for the 1st week, onsite as needed onward)
Duties/responsibilities:
-Provide the highest quality services in the shortest timeframe possible with effective & efficient knowledge transfer to client’s employees.
-A self-starter that can come up to speed in domain knowledge in a very short period. Proactively identify & assess threats to client users, network & data.
-Monitor & respond to reports of malicious activity. Respond & investigate intrusions & security events. Demonstrate an understanding of client threat landscape.
-Perform thorough analysis of attacks & anomalous network behavior. Provide summarized & detailed analysis & documentation in support of ESEC.
-Perform proficient forensic analysis using security tools & processes. Identify Actionable Intelligence by processing Threat Intelligence (TI).
-Demonstrate ability to identify, contain, eradicate & recover from security incidents. Collaborate with client business units, partners & individuals to mitigate security threats.
-Advise the CISO & ESEC team on matters involving organizational, strategic, tactical & security best practices related to forensics & sec. incidents mgt.
-Attend meetings/represent ESEC as a sr. lead for all sec. matters. Act as lead/co-lead/backup on assigned ESEC projects.
-Mentor jr. staff colleagues. Create SOP & training documents.
-Other duties, to be assigned as needed.
Tech. stack environment exp:
-Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
-OS: UNIX, LINUX, WINDOWS.
-Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ.
-Network protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
-DB’s: Oracle, SQL, MySQL.
-Cloud Platforms: IAAS, PAAS, SAAS.
-Sec. concepts: Encryption, Hardening, etc.
-Sec. GRC.
-Forensic analysis tools.
-AD.
-Programming languages a plus.
-Computer forensics exp. a plus.
-Prior SIEM exp. a plus.
-Malware analysis skills a plus.
Exp.
-At least 10yrs of overall enterprise information security exp.
-At least 5yrs. of technical exp. conducting sec. incident response & forensic analysis.
-At least 5yrs of Cyber Threat Intelligence exp. & making the information usable through the sec. incident process.
-Working exp. of applying IOCs to identify threats in current environment & applying information to prevent future vulnerabilities in the infrastructure tech sec.
-Working exp. using best practices standards & frameworks: ISO 27001/27002; PCI DSS v4; GLBA; HIPAA/HITECH; NIST 800-53; CIS CONTROLS; NIST CSF; CIS RAM.