The Cyber Security Operations Engineer will be responsible for analyzing, monitoring, tracking and reporting behavior/tasks logged by assets (ie, applications, systems, networks) in the form of incidents to ensure NASCO is protected from any potential leaks of malicious activities. He/she will perform routine actions of analyzing correlated event logs to help identify normal versus malicious activity in the network/domain. He/she is responsible to proactively monitor cyber security and information technology infrastructure, including hardware, software, networks, applications and services. This position will communicate with Information Technology, Application Development, Managed Security Services and other appropriate areas, as deemed necessary.
Qualifications
- Strong understanding of security testing practices and methodologies.
- Experience developing proper log correlation rules for identifying key events
- Hands-on experience using security testing and analysis tools such as (Metasploit, Burp Suite, Kali, Wireshark, Nmap, Veracode).
- Hands-on experience using common vulnerability scanning tools (Nessus, Nexpose Rapid7, Qualys, Veracode, AppScan, etc).
- Experience with cloud computing and security issues related to cloud environments.
- Experience conducting security testing for cloud services and establishing cloud security requirements
- Demonstrated knowledge of common vulnerability frameworks (OWASP Top 10, CVSS).
- Experience with security source code review and development experience in C/C++, Java, Python.
- Authoritative technical knowledge of Internet security and networking protocols.
- Experience with software development.
- Scripting skills such as Python, Perl, Shell, Bash.
- At least 3 years of demonstrated experience in penetration testing.
- Expert knowledge of Unix, AIX or Linux platforms
- Expert knowledge of Cisco-based firewalls and intrusion detection systems
- Knowledge of Mainframe technologies
- Knowledge of Windows 200X server platforms.
- Knowledge of VMware and VM server platforms
- Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
- Solid working knowledge and understanding of multiple operating systems and commands, as well as an understanding of IT security and network best practices and software/hardware solutions
- Knowledge of business, application, information and enterprise architecture responsibilities, principles and standards.
- Knowledge of Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
- Knowledge of database structures and queries.
- Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
- Maintains a broad knowledge of current and emerging network security threats
- Strong time/project management skills with the ability to operate under deadlines and manage fluctuating workloads
- Ability to communicate security objectives orally and in writing to a variety of audiences.
- Ability to write security requirements and design documents
- Ability to analyze complex problems and recommend/negotiate solutions
- Ability to read system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs.
-
Minimum of 3 years experience in a security operations center and/or system administration role
- Minimum of 5 years experience as a System Administrator (Unix/Windows) and Network Administrator
- Experience troubleshooting common network devices, network vulnerabilities and network attack patterns
- Experience analyzing IIS, SQL, firewall, IPS/IDS, Windows, SEP, Web, and mail filtering logged events.
- Hands on experience managing an array of security tools (e.g. Web Content Filtering, Malware, Firewalls, Intrusion Protection, etc.)
- Bachelors degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.
Desired Training and Education:
- Current SANS certification holder (technical tracks) strongly preferred
- CISSP desired and CCNA, MCSE certifications are preferred
NASCO is a Minority/Female/Disability/Vet/Affirmative Action Employer.
by via developer jobs - Stack Overflow
No comments:
Post a Comment