Senior IT Security Engineer -SOC (FM348)
Company Name:
Radiant Systems Inc
Senior IT Security Engineer (SOC) (FM348)
Location: Oakton, VA 22124
Duration: 1 Year Contract
Job Description:
U.S. Citizenship
Working hours: 12 hr schedule (11am 11pm or 11pm 11am)
Provide hands-on IDS analyst duties in a SOC (federal preferred) environment for Federal Agency.
Summary Requirement:
Experience performing recent hands-on IDS analyst duties in a SOC (federal preferred) environment (operational and technical with security analysis) is required and critical!
5 years threat management experience in a security operations environment
2 years as a SOC analyst level 3 performing security event and correlation monitoring
Firm understanding of incident response, signature tuning, and network protocols; web server defense; how attackers were generating the traffic; solid knowledge of DNS and how it works; TCP Headers; Web attack vectors and malware analysis.
Strong background with in depth analysis of security events and the ability to triage security events to determine which were real incidents.
Network Topology:
Quickly understand network routes taken by various assets in use on the networks
Firm understanding of security zones, VLANs, or interface context as associated with the networks
Intrusion Prevention:
Detecting and blocking malicious network traffic
Signature tuning
False positive reduction
TCP/IP manipulations
Understanding of evasion strategies
Detecting various attack vectors
Email security techniques
Data recovery techniques
Timestamp & File system analysis
Log parsing and correlation
Event Analysis:
Determine the purpose and/or outcome of security events as they are being observed in the logs and do discovery on activity events
Ability to analyze report on packet captures
Solid knowledge of Windows OS, Linux OS, create virtual sandbox(s) to create minor shell scripts or VB/Access to support data extraction correlation and discovery
Network Forensics:
Firm understanding of network and operating system forensics
Chain of Custody and evidence collection
Identify malware and suspicious activity patterns in firewall, router, and server logs when an IPS has not detected the activity (ingress and egress)
Review IPS event activities
Interpret format, syntax, and contexts used within Cisco firewall ACL configuration files
Report risks and security events related malicious activity which may be dropped by the router interface prior to reaching further defense-in-depth controls
Training:
Train customer personnel
Required Intrusion Prevention Systems
Experience: SourceFire, Cisco and Enterasys
Required Security Information and Event Management (SIEM)
Experience: Trustwave and Arcsight SIEM
Skill Matrix:
1) Network Protocols - Expert - Required
2) Hands-on IDS Analyst Engineering - Expert - Required
3) Must Pass Public Trust - Expert - Required
4) Incident Response Expert - Required
5) Security Event and Correlation Monitoring - Intermediate - Required
6) 5 Years Threat Management Experience in Security Intermediate - Required
7) Web Attack Causes and Approaches -Intermediate - Required
8) Signature Tuning - Intermediate - Required
9) SOC Environment IDS Analyst - Intermediate Desired
Interested candidates can forward your resume to or I can be reached @ 908-279-8899 X 443Estimated Salary: $20 to $28 per hour based on qualifications.
Radiant Systems Inc
Senior IT Security Engineer (SOC) (FM348)
Location: Oakton, VA 22124
Duration: 1 Year Contract
Job Description:
U.S. Citizenship
Working hours: 12 hr schedule (11am 11pm or 11pm 11am)
Provide hands-on IDS analyst duties in a SOC (federal preferred) environment for Federal Agency.
Summary Requirement:
Experience performing recent hands-on IDS analyst duties in a SOC (federal preferred) environment (operational and technical with security analysis) is required and critical!
5 years threat management experience in a security operations environment
2 years as a SOC analyst level 3 performing security event and correlation monitoring
Firm understanding of incident response, signature tuning, and network protocols; web server defense; how attackers were generating the traffic; solid knowledge of DNS and how it works; TCP Headers; Web attack vectors and malware analysis.
Strong background with in depth analysis of security events and the ability to triage security events to determine which were real incidents.
Network Topology:
Quickly understand network routes taken by various assets in use on the networks
Firm understanding of security zones, VLANs, or interface context as associated with the networks
Intrusion Prevention:
Detecting and blocking malicious network traffic
Signature tuning
False positive reduction
TCP/IP manipulations
Understanding of evasion strategies
Detecting various attack vectors
Email security techniques
Data recovery techniques
Timestamp & File system analysis
Log parsing and correlation
Event Analysis:
Determine the purpose and/or outcome of security events as they are being observed in the logs and do discovery on activity events
Ability to analyze report on packet captures
Solid knowledge of Windows OS, Linux OS, create virtual sandbox(s) to create minor shell scripts or VB/Access to support data extraction correlation and discovery
Network Forensics:
Firm understanding of network and operating system forensics
Chain of Custody and evidence collection
Identify malware and suspicious activity patterns in firewall, router, and server logs when an IPS has not detected the activity (ingress and egress)
Review IPS event activities
Interpret format, syntax, and contexts used within Cisco firewall ACL configuration files
Report risks and security events related malicious activity which may be dropped by the router interface prior to reaching further defense-in-depth controls
Training:
Train customer personnel
Required Intrusion Prevention Systems
Experience: SourceFire, Cisco and Enterasys
Required Security Information and Event Management (SIEM)
Experience: Trustwave and Arcsight SIEM
Skill Matrix:
1) Network Protocols - Expert - Required
2) Hands-on IDS Analyst Engineering - Expert - Required
3) Must Pass Public Trust - Expert - Required
4) Incident Response Expert - Required
5) Security Event and Correlation Monitoring - Intermediate - Required
6) 5 Years Threat Management Experience in Security Intermediate - Required
7) Web Attack Causes and Approaches -Intermediate - Required
8) Signature Tuning - Intermediate - Required
9) SOC Environment IDS Analyst - Intermediate Desired
Interested candidates can forward your resume to or I can be reached @ 908-279-8899 X 443Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
