Senior IT Security Systems Operator


Job Location: Ottawa - Canada
Monthly Salary: Not Disclosed
Posted on: 15 hours ago
Vacancies: 1 Vacancy

Job Summary

ADGA is hiring multiple Senior IT Security Systems Operators to work in a Security Operations Centre for our client. The Security Operations Centre (SOC) cyber defence services include monitoring, analysis and response to cyber threat activity, as well as engineering, integration and operation of a variety of cyber security technologies.

The resources will provide the following cyber defence services on a full-time basis:

  • In-depth technical expertise in support of cyber security operations (monitoring, detection, analysis, response)
  • Engineering and implementation of complex analytics for detecting cyber threat activity
  • In-depth technical expertise in cyber threat tactics, techniques and procedures, as well as malware reverse-engineering and cyber forensics
  • Analyze protocols (HTTP, FTP, SMTP, DNS, TLS, S/MIME, IPSec, SSH)
  • Research technical details of cyber attack activity, document findings and communicate them to DFATD stakeholders
  • Configure and implement technical IT security safeguards, software and hardware security products on operating systems such as Microsoft and Linux
  • Integrate and automate IT Security systems (for example: SIEM data ingestion and parsing, shell scripting, web services, APIs)
  • Configure intrusion detection systems, firewalls and content checkers; extract and analyze reports and logs; and respond to security incidents
  • Complete tasks directly supporting the departmental IT Security and Cyber Security Program
  • Develop and deliver training material and supporting documentation
  • Support the triage and remediation-tracking effort for newly disclosed vulnerabilities affecting cloud and on-premises systems
  • Access and integrate information from monitoring tools and other sources to decipher underlying trends, uncover anomalies and discern obscure patterns and attributes
  • Compile results into reports or analytical products as required
  • Prepare and present analysis in the form of briefings and/or reports
  • Provide subject matter expertise on industry trends and techniques related to forensics, malware analysis, cloud security and advanced hunting

Qualifications:

Mandatory

  • A minimum of 10 years of experience performing tasks such as:
    • Review, analyze and/or apply:
      • Networking protocols (HTTP, FTP, Telnet)
      • Internet security protocols (for example: SSL, S-HTTP, S/MIME, IPSec, SSH)
      • TCP/IP, UDP, DNS, SMTP
      • Directory standards such as X.400, X.500 and SMTP
      • Network routers, multiplexers and switches
      • Network hardening (for example: shell scripting, service identification)
      • Wireless technology
      • Technical threats to and vulnerabilities of networks
      • Technical IT Security safeguards
      • IT software and hardware security products
    • Configure operating systems such as MS, Unix, Linux and Novell
    • Configure IT Security management
    • Configure intrusion detection systems, firewalls and content checkers; extract and analyze reports and logs; and respond to security incidents
    • Configure/update virus scanners
    • Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
    • Develop and deliver training material
  • Must have one valid SANS Institute Global Information Assurance Certification (GIAC) certification in good standing from the following focus areas:
    • Cyber Defense
    • Cloud Security, or
    • Digital Forensics & Incident Response.
  • A minimum of 10 years of experience performing cyber incident response, and researching and documenting technical details of cyber attack activity, including:
    • Analyzing and characterizing threat activity according to industry standards, attack types and methodologies.
    • Identifying, validating and describing technical evidence of the impact and progress of attacks through the stages of the attack cycle.
    • Documenting technical findings in written reports, and
    • Presenting the findings to technical and non-technical audiences.
  • A minimum of 5 years of network forensics experience using data from multiple sources to reconstruct and analyze cyber threat activity, including in-depth analysis of:
    • Raw traffic content (TCP/IP, various application protocols)
    • Network device metadata and firewall/IDS logs
    • Server, application, authentication and HTTP logs
  • A minimum of 10 years of experience performing in-depth reverse engineering of malware using both static and dynamic analysis techniques to produce actionable intelligence, including the creation of YARA (Yet Another Recursive Acronym) rules or technical analytics to describe IOCs (Indicators of Compromise).
  • A minimum of 10 years of experience performing in-depth binary code analysis within a Windows environment using static disassemblers and debuggers, including analysis of code incorporating anti-analysis and tamper-resistance techniques. Tools may include, but are not limited to:
    • IDA Pro
    • Binary Ninja
    • Ghidra
    • WinDBG
    • Immunity Debugger, and
    • OllyDbg.
  • A minimum of 6 years of experience performing end-to-end analysis of the cyber intrusion kill chain, including the TTPs (Tactics, Techniques and Procedures) used in each phase.
  • A minimum of 6 years of experience developing custom tools in the Python scripting language to support the following tasks:
    • decoding and parsing network traffic;
    • gathering and analyzing forensic data from endpoints; and
    • automating other SOC-related analysis and duties.
  • Experience in post-detection forensic analysis using all of the following IT security solutions:
    • Antivirus/Endpoint Protection Platform (EPP)
    • Endpoint Detection & Response (EDR)
    • Security Information & Event Management (SIEM)

Additional Information:

Work-Life Balance

We strongly support a healthy and productive work-life balance. This starts with a flexible approach to work and policies designed to support employees through their day-to-day routines and major life events. For example, we offer a Maternity/Parental Top-Up (up to 52 weeks) and a Reservist Leave Top-Up (up to 180 days).

ADGA continuously strives to integrate advanced Diversity, Equity & Inclusion (DEI) approaches and practices into our work culture. Our employee-based DEI Committee explores activities and invites discussions that foster an environment where all employees feel valued, respected and heard.

Compensation

Above and beyond our commitment to offer a competitive base salary, ADGA has a company-wide profit-sharing plan for all full-time and part-time employees.

Comprehensive Benefits and Total Rewards

We offer a comprehensive benefit program providing employees with the choice between base or enhanced plans. Depending on the plan, ADGA pays for Health & Dental, a Health Spending Account, Short-Term Disability, an Employee Assistance Program and a Telemedicine service. Also offered: discounts on gym memberships, 5000 perks through Perkoplis, a Deferred Profit Sharing Plan and access to a wide range of other employee-centric services and savings programs.


Remote Work:

No


Employment Type:

Contract


About Company

ADGA provides strategic vision, world-class technology and service excellence in the areas of defence, security and enterprise computing to clients in the federal government, other levels of government and the private sector. In a world dominated by convergence, ADGA provides the expe ...