Information Security Analyst and Senior Information Security Engineer
Information Security Analyst and Senior Information Security Engineer - 1217
2 Openings in La Mirada, California
Our client is looking for an Information Security Analyst and a Sr. Information Security Engineer.
The successful candidate will aid in the advancement of the security engineering team efforts to provide information security services and support to the company and its customers. The primary responsibilities of this position are to improve the company's security architecture, perform proactive and reactive security analysis, respond to and resolve security incidents and provide technical expertise, especially in the area of network, system and data protection. In addition, participation is expected in all aspects of information security that will further enable the mission of the company and its customers, such as participation in: uncovering computer and network vulnerabilities, reducing the risk incurred by vulnerabilities, infusing new security technologies into the security architecture, and promoting a security culture through consulting and training. Solid interpersonal skills and the ability to work effectively in a distributed team environment are a must. Travel within California and some additional US travel may be required.
- Serve as a key member of the Security Group performing varying security duties including threat awareness, proactive network traffic analysis, incident response, forensic analysis, and resolution of security incidents.
- Collaborate with leaders and other security experts around the state to develop plans, if appropriate, for a Security Operations Center.
- Integrate knowledge of network protocols, services, threats, vulnerabilities, mitigation strategies, hardware capabilities, and other information to build a security environment that reduces and mitigates risk while allowing the company's open science mission to succeed.
- Evaluate a wide range of data, including Bro logs, NetFlow data, centralized syslog, authentication logs, and others to detect security incidents. Take timely action as appropriate: block problem traffic, send alerts and/or investigate when suspicious activity is detected.
- Develop new methods to detect and mitigate security attacks.
- Communicate with internal and external security personnel and system administrators about incidents.
- Respond appropriately to internal and/or external complaints (e.g., scanning, hacking, spamming, etc.).
- Promote a strong security culture throughout the company's internal network, consulting with the management and staff.
- Ability to be ‘on call’ outside of regular business hours on a regular and recurring basis.
Knowledge, Experience, and Education
Senior Information Security Analyst, Engineer requires a BA/BS in computer science or related field or equivalent experience and a minimum of 8 years of experience in information/cyber security.
Information Security Analyst, Engineer requires a BA/BS in computer science or related field or equivalent experience and a minimum of 5 years of experience in information/cyber security.
The ideal IS Analyst, Engineer or Senior IS Analyst Engineer will possess the following skill set:
- Experience developing software and proficiency in coding, using a security-centric approach.
- Experience using Bro network security monitoring (NSM) and host intrusion detection systems (IDS).
- IDS script and signature development.
- Hands-on network/packet level examination using tools such as tcpdump or Wireshark.
- Working knowledge of regular expressions, data and text manipulation tools such as awk and sed.
- Experience with logging environments such as ELK Stack or Splunk.
- Experience programming in C, C++, Python, Ruby, or another popular language.
- Minimum of 4 years' experience maintaining and administering production Unix/Linux operating systems including RedHat/CentOS and FreeBSD variants.
- Experience streamlining operational capabilities through standardization and automation.
- Able to work on multiple tasks and respond to rapidly changing priorities.
- Ability to serve as a consultant on a long-range vision for security architecture.
- Able to identify and implement security enhancements that will maximize the security profile.
- Ability to formulate, organize, and present ideas in an effective manner. Develop proposals and clearly articulate cost/benefit trade-offs to various audiences.
- Self-motivated with demonstrated ability to work highly independently, requiring little direct supervision.
- Ability to work collaboratively in a team environment and the ability to lead teams to reach consensus.
- Master's degree in information assurance, computer science, computer engineering or related field is beneficial
- Certifications and/or training in a technical security specialty (e.g., GIAC, CISSP).
- Strong understanding of Mac and Windows operating systems.
- Knowledge of public-key and private-key encryption techniques including DES, RSA, and PGP/GPG.
- Strong understanding of complex TCP/IP networks.
- Solid understanding of IPv6.
- Knowledge of Layer 2, Wireless, Switching and Routing Protocols
- Familiarity with securing virtualized environments.
- Familiarity and experience working on research and education networks.
- Familiarity with Research and Education networking communities in the US or abroad.