perengo inc. (www.perengo.com)
Full Time Employee
Key role: This position will be primarily responsible for day-to-day security operations. Working hands-on implementing, operating, and supporting all security tools will be a large portion of this role's duties. The individual in the job will be a member of the Information Security Operations team. The person filling this position will develop and hold technical, industry-level, and regional expertise on Cyber network operations and emerging Cyber threats and trends, and will provide regional or functional network security and analytic support pertaining to a wide range of Cyber threat actors who affect multiple industries.

Job Description:
Provide implementation and operational support for all security tools, including but not limited to: Firewalls, Intrusion Detection (IDS), Intrusion Prevention (IPS), Data Loss Prevention (DLP), Vulnerability Scanning, File Integrity, Denial of Service (DDOS), and cloud computing.
Provide highly technical examination, analysis and reporting of cyber-based events, including collecting and analyzing intrusion information and using discovered data to enable mitigation of potential cyber security incidents within the enterprise.
Leverage network and host-based forensic tools as part of incident management functions.
Monitor and review event and security logs to identify potential or confirmed breaches.
Manage the use and reporting of a large-scale SIEM and Data Analytics implementation in a dynamic cloud service provider environment.
Monitor and enforce guidelines for best practices in security and compliance.
Respond to inquiries, and guide and advise customers on security best practices.
Take the lead on internal investigative and triage efforts by reviewing forensic analysis, reports, and data, and collaborate with multiple other groups.
Lead security incident triage, including determining root cause and potential impact.
Track and document incidents from initial detection through final resolution, including documenting requests and activities in the case management system.
Coordinate with and provide expert technical support to resolve cyber security incidents, working with other technicians to correlate threat assessment data as needed.
Create and maintain program procedures providing guidance and reports on incident findings to appropriate constituencies.

Experience:
Subject matter expert (SME) in one or multiple areas such as Firewalls, Intrusion Detection (IDS), Intrusion Prevention (IPS), Data Loss Prevention (DLP), Vulnerability Scanning, File Integrity, Threat Detection Analysis, Information Risk Management, Windows, or Unix, including hands-on experience.
Experience with Cyber, computer network operations and exploitation, information operations or information warfare, or topical Cyber expertise.
Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing Cyber threats.
Ability to leverage online research tools to identify and navigate online forums, specialized Web sites, social media, and traditional sources.
Detailed technical knowledge and operational experience in handling host and network-based incident response scenarios.
Ability to work all shifts on a rotational basis, including weekends and holidays, in a fast-paced work environment, as required.
Intermediate Linux and Windows Server OS Administration capabilities.
Ability to identify malicious files on Linux and Windows Server platforms.
Experience with targeting or all-source intelligence analysis.
Hands-on experience with various SIEM tools and use case development.
Knowledge of malware types and malware analysis tools and procedures.
Strong Communication and Organizational Skills.
Ability to Perform/Troubleshoot in High Stress Environment.
Experience with vulnerability management (vulnerability scanning, reporting, and remediation management) and file integrity management.
Ability to report malware analysis output.
Previous Network Exploitation experience a plus.
5 years Network Security Experience.
5 years working with Log Aggregation and Analysis Tools.
5 years developing custom Rules and Signatures.
CISSP or GCIH certification a plus.

Education: Bachelor's degree or equivalent in Information Security or Cyber Security a plus.
Applicable Commuter Area of Southlake
To apply for this job, contact:
Mike Kofi Okyere