Security Analyst
Company: Logix Guru
Location: Pleasanton, CA 94566
Description:
Our client in California is seeking a Security Analyst to join their team on a long-term contract.
The tasks for the Security Analyst include, but are not limited to, the following:
- Proactively identify and assess threats to State Fund's users, network and data
- Monitor and respond to reports of malicious activity
- Respond and investigate intrusions and security events
- Demonstrate an understanding of State Fund's threat landscape
- Perform thorough analysis of attacks and anomalous network behavior
- Provide summarized and detailed analysis and documentation in support of ESEC
- Perform proficient forensic analysis using security tools and processes
- Identify Actionable Intelligence by processing Threat Intelligence (TI)
- Demonstrate ability to identify, contain, eradicate and recover from security incidents
- Collaborate with State Fund business units, partners and individuals to mitigate security threats
- Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices related to forensics and security incidents management
- Attend meetings/Represent ESEC as a Senior Lead for all security matters
- Act as Lead/Co-Lead/Backup on assigned ESEC projects
- Mentor junior staff colleagues
- Create Standard Operating Procedures and training documents
- Other duties, to be assigned as needed
Technical Knowledge and Skills:
- Minimum of 5+ years of technical experience conducting security incident response and forensic analysis.
- Working experience of obtaining Cyber Threat Intelligence and making the information usable through the security incident process.
- Working experience of applying IOCs to identify threats in current environment and apply information to prevent future vulnerabilities in infrastructure.
- Technical security project management skills.
- Working experience using best practices standards and frameworks: ISO 27001/27002; PCI DSS v4; GLBA; HIPAA/HITECH; NIST 800-53; CIS Controls; NIST CSF; CIS RAM.
- Working experience, at a minimum:
  - Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
  - Operating Systems: UNIX, Linux, Windows.
  - Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ.
  - Network Protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
  - Databases: Oracle, SQL, MySQL.
  - Cloud Platforms: IaaS, PaaS, SaaS.
  - Security Concepts: Encryption, Hardening, etc.
  - Security GRC.
  - Forensic Analysis Tools.
  - Active Directory.
- Programming Languages are a plus.
- Computer Forensic experience a plus.
- Prior SIEM experience a plus.
- Malware analysis skills a plus.
Professional Skills:
The Consultant resource(s) shall possess most of the following skills:
- Strong Analytical and Critical Thinking Skills
- Ability to analyze information and formulate solutions to problems.
- Provide more in-depth analysis with a high-level view of goals and end deliverables.
- Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
- Plan and manage all aspects of the support function.
- Extensive knowledge of and proven experience with information technology systems and methods of developing, testing and moving solutions to implementation.
- Expert knowledge in project management practices and ability to document process and procedures as needed.
- Self-motivated self-starters/proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables.
- Ask questions and share information gained with other support team members, recording and documenting this knowledge.
- Elicit and gather user requirements and/or problem description information, and record this information accurately.
- Listen carefully and act upon user requirements or requests.
- Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons.
- Follow the lead of others on assigned projects as well as take the lead when deemed appropriate.
- Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources.
- Take responsibility for the integrity of the solution.
- Present solutions (technical and non-technical) to management and decision makers.
- Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision.
- Experience in managing multiple projects.
- 5+ Years' experience in information security and forensics and/or security incident response.
- CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)
Core Competencies:
- Act with integrity
- Use sound judgement
- Commitment to quality
- Demonstrate adaptability
- Innovate
- Think strategically
- Communicate effectively and influence others
- Work well both independently and as part of a team