IT Job Pro

Incident Response

North Carolina, North Carolina PARC Consulting, LLC

INCIDENT RESPONSE ENGINEER

LOCATION: RTP, NC

SALARY: DOE

In this role, you will be part of a team that is responsible for analysis of cyber threats that could impact company resources.

JOB RESPONSIBILITIES

* Conduct security monitoring and the first level of triage and analysis, handle incoming notifications from personnel, and conduct the first notifications
* Identify compromised computers using logs, live response, and related computer-centric evidence sources
* Gather initial artifacts (such as malware samples, files, and memory dumps) from infected workstations
* Send unique artifacts to Incident Analysts for further analysis
* Accurate and timely routing of verified compromises to the appropriate IT operations teams for further analysis and remediation
* Appropriate escalation of incidents as defined in the established operating procedures
* Continually research the current threat landscape and tactics as they apply to team focus
* Advise management on the effectiveness of established operating procedures and recommend modifications where appropriate

REQUIREMENTS

* Foundational understanding of network communications (TCP/IP networks, HTTP basics)
* Foundational understanding of IT security principles
* Ability to work with a globally distributed team and rely heavily on electronic communication
* Strong oral and written communication skills
* The ability to travel as needed to support the corporate objectives.
* Must be willing to work some late hours, India time, to align with the US workforce.
* Previous operational experience in a CSIRT, CIRT, SOC, or CERT
* Foundational understanding of tactics used by APT, cyber crime, and other associated threat groups
* Expert understanding of network communications (TCP/IP fundamentals, HTTP basics)
* Expert understanding of multiple operating systems such as Linux, Solaris, BSD, or Windows
* Expert understanding of intrusion detection systems (e.g. Snort, Suricata) and tools (e.g. tcpdump, Wireshark)
* Practical experience with security incident response
* Security Incident Management analysis, detection and handling of security events
* Comprehension of how attacks exploit operating systems and protocols
* Must understand how to analyze network traffic for suspicious and malicious activity
* Hands-on experience with other security technologies:
  * Next-Gen Intrusion Detection Systems: FireEye, Damballa, or Palo Alto WildFire
  * Security Information & Event Management (SIEM): ArcSight, Splunk, QRadar, etc.
  * Packet capture technologies: NetWitness, Solera, Moloch, or at a minimum, Wireshark or tcpdump
* Scripting experience with one or more of the following: Perl, Bash, PowerShell, Python
* Ability to write technical documentation and present technical briefings to varying audiences

Desired Skills:

* Foundational understanding of tactics used by APT, cyber crime, and other associated threat groups
* Experience with IT network communications troubleshooting (netflow, Wireshark, traffic analysis)
* Experience with IT security technical controls (AV, Snort, firewall, syslog, SIEM, ArcSight, Splunk)
* Experience with host-centric malware detection, identification and response
* Previous operational experience in a CIRT, SOC, or CERT
* Experience with the Cyber Kill Chain framework

EDUCATION AND EXPERIENCE

* 5+ years of information security experience is required; at least 3 years of experience in security monitoring, digital forensic analysis, or incident response is preferred.
* A Bachelor of Arts or Sciences degree, or equivalent experience, is required.
* Demonstrated ability to complete multiple, moderately complex technical tasks.

BENEFITS

* Competitive Base Salary with Uncapped Commission Opportunities
* Health, Dental and Vision Insurance
* Long and Short-Term Disability
* Life Insurance
* Vacation and Holiday Pay
* 401k Retirement Plan
* Referral Program
* Team Building Events

PARC Consulting, LLC. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, and any other characteristics protected by law.

To apply for this job please visit itjobpro.com.