Cyber Security Analyst-Incident Detection & Response Architect

Maryland - Onsite

Description

Job Description:
Responsible for planning, designing, and implementing a process for cyber security monitoring, incident detection, and incident response.

Responsibilities:
  • Responsible for the maintenance, operations, development, engineering and implementation of CyberSOC security tools and capabilities.
  • Support and maintain Splunk indexers, search heads, deployment server and infrastructure in high availability configuration.
  • Configure, deploy, manage, tune Splunk forwarders across a variety of Windows and Linux platforms.
  • Create and maintain Splunk dashboards and reports utilizing Splunk Enterprise Security application.
  • Identify and implement new tools and capabilities including Splunk features, use cases, community projects and other applications that may be applicable to the enterprise.
  • Provide support and administration for the enterprise anti-virus (AV)/end-point protection platform.
  • Mentor and train users on Splunk, AV, IDS and other analysis tools.
  • Create and maintain documentation supporting the suite of security tools.
  • Lead implementation efforts for automation of processes and procedures.
  • Provide support and administration of other security tools such as IDS, open source tools, etc.

Skills:

Education/Experience:
  • Bachelor's degree in Cyber/Information Security or related discipline.
  • Minimum 3 years working with Splunk in a 24x7 environment.
  • Experience configuring and customizing Splunk Enterprise Security app.
  • Working knowledge of log management, security event, and application monitoring practices.
  • Good understanding of Linux and Windows operating systems and internals.
  • Proficient in Perl, Python or Shell Scripting.
  • In-depth understanding of network architecture fundamentals including TCP/IP, DNS, firewalls, routing, and troubleshooting.
  • In-depth understanding of IT system management practices and processes including troubleshooting, optimization, system hardening and change management.
  • Experience managing security tools in enterprise environments (Symantec Endpoint Protection, Snort, Bro, FireEye, Ironport, Jira, etc.).
  • Experience with application whitelisting, device controls, egress filtering, data analytics, threat intelligence, or vulnerability management a plus.
Start date: n.a.
From: Synectics
Published at: 12.02.2015
Project ID: 849634
Contract type: Freelance