Duration: Full Time
Location- Lackland AFB, San Antonio, TXSecurity Clearance: Active Top Secret clearance or higher
Job Title: Sr. Security Consultant
Location: Atlanta GA
Type : DIRECT HIRE
Shift: Wed Sat (11am 10pm EST)
MAJOR JOB RESPONSIBILITIES:
· Monitor incoming event queues for potential security incidents
· Identify and act on anomalous network activity.
· Perform hunting for malicious network activity.
· Perform initial investigation and triage for potential security incidents.
· Provide accurate & priority driven analysis on cyber activity/threats.
· Perform payload analysis of packets.
· Detonate malware to assist with threat research.
· Resolve or coordinate the resolution (escalate) of cyber security events.
· Create, manage, and dispatch incident tickets.
· Monitor external event sources for security intelligence and actionable incidents.
· Maintain shift logs with relevant activity.
· Document investigation results, ensuring relevant details are passed to senior analysts and stakeholders.
· Participate in root cause analysis or lessons learned sessions.
· Write technical articles for knowledge sharing.
· Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit operation centers.
· Must comply with any regulatory requirements.
· A formal education in Computer Science or a related field; or equivalent experience in IT Security related roles is required.
· Experience with database monitoring security products like IBM Guardium preferred.
· Fundamental knowledge of IT core infrastructure and cyber security components//devices preferred.
· Minimum 1 year experience with TCP/IP Networking and knowledge of the OSI model preferred.
· Minimum 1 year experience with OS management and Network Devices preferred.
· Minimum 1 year experience with Intrusion Detection/Prevention Systems preferred.
· Minimum 1 year experience with Antivirus Systems preferred.
· Minimum 1 year experience monitoring threats via a SIEM console preferred.
· 1+ years performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs.
· Formal IT Security/Network Certification such as CompTIA Security +, Cisco CCNA, SANS GIAC Certified Intrusion Analyst (GCIA), InfoSphere Guardium preferred.
· Experience with packet analysis (Wireshark) and Malware analysis a plus.
· Experience working in a Security Operations Center environment is a plus.
· Client ArcSight experience is a plus.
Thanks & Regards,