Senior Security Analyst
The Senior Security Analyst will have extensive experience in application and network analysis and incident response. The preferred candidate should also be able to identify the root cause of compromised systems using full packet captures of network activity and log data. This candidate must be able to work with a team and coordinate work actions with that team.
Candidates should possess the following skills:
- Solid understanding of core security technologies – Firewalls, IDS/IPS, SIEM, APT monitoring and prevention, AV
- Experience performing forensic analysis of application and infrastructure logs to identify vulnerable and/or compromised systems and endpoints (3+ years)
- Ability to identify actionable indicators of compromise based upon analysis of forensic data and packet captures
- Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred
- Ability and desire to mentor junior analysts
- Minimum three (3) years’ experience performing incident response with an emphasis on system compromise analysis
- Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
- Solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products
- Experience analyzing both log and packet data, including the use of Wireshark, tcpdump and other capture/analysis tools
- Ability to perform application and network-based forensics and log analysis
- Strong understanding of incident response methodologies and technologies
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
- Participate in on-call rotation
Additional Qualifications (nice to have):
- Experience with network monitoring tools such as RSA Security Analytics / NetWitness, NIKSUN, Blue Coat Security Analytics
- Malware analysis and reverse engineering (3+ years)
- Technical certifications considered an asset are: GCIH, GCIA, CCNA, CCNP
This is a great opportunity to work for a dynamic, growing company. We look forward to having you join our highly motivated and expanding team!
Please send resumes to firstname.lastname@example.org. No phone calls, please.
INNO4 is an Equal Opportunity Employer. All offers of employment are subject to successful completion of pre-employment background and drug screening.