Cybersecurity Analyst – Level 3 (Incident Response, SIEM, Malware, Network Packet Analysis)

at Alpha Consulting Corp.
Location Princeton, NJ
Date Posted January 31, 2019
Category Default
Job Type Contractor

Description

CYBERSECURITY ANALYST LEVEL 3 (INCIDENT RESPONSE, SIEM, MALWARE, NETWORK PACKET ANALYSIS)
PRINCETON, NJ

Required Skills:

  • Minimum of 6-10 years of InfoSec experience, preferably in a CIRT/SOC environment.
  • Minimum of 6-10 years of Networking, TCP/IP, switching/routing/firewall experience.
  • Minimum of 6-10 years of Network analysis, with a focus on security, tcpdump, windump, wireshark.
  • 6-10 years Cyber Defense experience.
  • 6-10 years Cyber Security experience.
  • 6-10 years Forensic Analysis experience.
  • 6-10 years Incident Response experience.
  • 6-10 years Triage experience.
  • Experience with host-based triage, forensics, and malware analysis using Endpoint Detection and Response (EDR) tools
  • Experience analyzing network traffic with a network monitoring toolset
  • Experience analyzing log events and alerts in a SIEM environment
  • Experience using a malware sandbox such as Cuckoo
  • Experience with cyber incident response
  • Experience with software and OS vulnerability, CVE, patch and threat analysis
  • Experience with CVEs, patch analysis, threat analysis
  • Written and verbal communication at a level appropriate for customer interaction/visibility
  • Bachelor's degree in a technical discipline is strongly preferred, but candidates with equivalent experience will be considered
  • Helpful industry certifications:
    • CISSP, SANS GIAC (GCIA, GCIH, GCFA, GNFA), CCIE, CCNA, CEH, Security+, Network+, and other security vendor specific certs.

Project Description:
Level 3 Cybersecurity Analyst (Incident Response/SIEM/Malware Analysis/Network Packet Analysis): we are seeking an experienced Level 3 advanced security analyst to serve as a consultant performing incident response triage and analysis using network security tools in a CIRT/SOC environment. Primary tool capabilities include Endpoint Detection and Response (EDR), Network Full Packet Capture, Malware Sandbox, and SIEM.

  • Level 3 advanced member of cyber threat operations team that is responsible for detection and response for advanced threats.
  • Recognizes and identifies potential threats to the network and systems connected to the network from the Internet and Intranet.
  • Operates, documents, and maintains security controls. Monitors for, and investigates potential security breaches.
  • The team also reviews internal and external network traffic to create policies that intercept Malware and other network attacks using network packet capture and other network IDS capabilities.
  • Additionally, the team is responsible for the infrastructure support, configuration, and use of the Endpoint Detection and Response (EDR) environment to detect and respond to advanced threats.
  • Third-level support to review, triage, analyze, and respond to alerts received in SIEM and other cyber security detection tools.
  • Support infrastructure of the Endpoint Detection and Response environment.
  • Create host-based Indicators of Compromise (IoCs).
  • Proactively review network data packets for potential attacks.
  • Malware analysis as appropriate.
  • Support forensic investigations as appropriate.
  • Consult on building correlation rules & alerts for the SIEM and other detection tools to identify anomalous, suspicious, or malicious activity.

This 6+ month position starts ASAP.

Please E-MAIL your resume (as an attachment) with rate and availability to Cheryl.

ALPHA'S REQUIREMENT #19-00205
MUST BE ELIGIBLE TO WORK IN THE U.S. AS AN HOURLY W2 EMPLOYEE