Sr. Security Admin

About the Job

• Deploy and maintain security sensors and tools
• Administrating the AV and deep security for end points
• Monitoring all security logs with the cooperate.
• Monitor security FWs and review logs/threats to identify intrusions
• Use high-level scripting/programming language to extract, de-obfuscate, or otherwise manipulate malware related data
• Work directly with cyber threat intelligence analysts to convert intelligence into useful detection
• Collaborate with incident response team to rapidly build detection rules as needed
• Identify incident root cause and take proactive mitigation steps with the network security team.
• Review vulnerabilities and track resolution
• Develop and implement detection use cases
• Develop and implement IDS/IPS signatures
• Assist with incident response efforts
• Create and brief customer reports
• Participate in on-call rotation for after-hours security and/or engineering issues
• Perform customer security assessments

Job Requirements

• BSc degree in Computer Science or related field or 4 additional years of work experience
• 6-10 years of IT experience
• 6 years of experience working in a Security environment
  Advanced training on anomaly detection; tool-specific training for data aggregation and analysis and threat intelligence
• Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance
• Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
• Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs
• Strong understanding of security compliance standards and frameworks (PCI, ISO, SOX, etc)
• Familiar with IoT security
• Sys admin skills (Linux/Mac/Windows); programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more); security skills (CISSP, GCIA GCIH, GCFA, GCFE)
• Fuse locally derived and externally sourced cyber threat intelligence into signatures, detection techniques, and analytics intended to detect and track the advanced threat
• Strong understanding of root causes of malware infections and proactive mitigation
• Strong understanding of lateral movement and footholds
• Strong understanding of data exfiltration techniques. Demonstrated ability in critical thinking, problem solving, and analytics
• Real world experience analyzing complex attacks and understand TTPs of threat actors
• Experience in network/host based intrusion analysis, malware analysis, forensics, and cyber threat intel
• Knowledge of advanced threat actors and complex attacks
• Knowledge of Splunk/Qradar/logarithm/steal watch/SolarWinds