Information Security Analyst

Information Security Tech/Information Security Analyst
DETAILS Type: Perm
Location: Irving, TX 75039

We are looking for someone well-experienced in threat management.  Someone with a background in managing threats and intelligence.  Cloak & Dagger/Intelligence on who are the bad guys?  Are they foreign hackers?

• Investigate hits on indicators of compromise (IOC's) from software and threat feeds to assess impact
• Detect threats and anomalous behavior leveraging host, network and data logs and detection tools (Vontu, Splunk, NetWitness, Mandiant Incident Response-MIR).
• Provide forensic functions to collect, preserve, filter digital artifacts and to work with vendors who will be the primary parties to analyze the artifacts
• Interpret  static and dynamic software (potential malware) analysis
• Drive the uplift of sensory tools, detection tuning and access to data sources to support improved detection and team effectiveness
• Technical Writing capability and commercial effectiveness in the creation and generation of investigation synopses, graphical depiction of attacks and management presentations
• Manage forensic vendor engagements
• Document and explain technical details in a concise, understandable manner

REQUIRED:

• Critical thinking, problem solving
• Possession or ability to possess a SECRET or TS/SCI clearance from the US government
• Ability to work extremely well under pressure
• Must be very detail-oriented
• Fundamental understanding of network protocols
• Familiarity with secure engineering principles, risk management, technical information security testing, and threat intelligence and management
• Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
• Technical background in incident response, computer forensics, malware analysis, development, or systems administration
• IT Infrastructure Proficiency with the following: MS operating system, PC hardware & networking, MS Outlook & Exchange Messaging, and various other technologies
• Experience in building and implementing standard operating procedures and processes pertaining for incident response.
• Possession of professional certifications and membership in professional associations is highly desirable.

Bonus Points:

• Scripting (eg, Perl, Python, VB).
• Mastery of Unix and Windows operating systems
• Experience with forensic image collection and analysis
• Host & Network Intrusion Detection
• IT network topology and security infrastructure; TCP/IP in-depth, routing protocols
• Advanced  anomaly detection
• Ability to deliver succinct and fact-based communications, both verbally and in writing
• Ability to successfully interface and establish rapport with clients (internal and external)
• Security tools (eg, netwitness, sourcefire, mandiant, encase, wireshark, metasploit).
• Event log analysis.
• Log management and support.
• English verbal and written English skills.