| IT Security Operations(Cyber Security) || NYC || Onsite at NYC, New York, USA |
| Email: [email protected] |
| From: Mounika, Anveta Inc [email protected] Reply to: [email protected] Role: IT Security Operations Location: 3 Days per week onsite 2 days remote(NYC) Experience: 4-6 years Rate : $40-45 C2C Max to consultant One of 3 shifts a day in a 24/7 operation (*consultant needs to be flexible enough to fill any of the 3 shifts as needed): Shift 1 = 12am 8:30am Shift 2 = 8am 4:30pm Shift 3 = 3:30pm 12am Please see the attached CMP form and send me scan copy with candidate signature along with DL copy SUMMARY OF THE FUNCTION/ROLE: The IT Cyber Security Operations Monitoring Team is seeking consultants to perform Tier 2 SOC follow-up and remediation activity on escalated incidents. The Tier 2 level Analyst (Senior Analyst) should have the ability to respond to a wide range of escalated Incidents and follow through with incident lifecycle through completion. Some of the areas we are looking for candidates to have experience in include but are not limited to: Critical Key requirements: Critical Thinker & Analytical Aptitude SIEM Experience (Splunk) Tier II SOC Incident Handling & Investigation 24/7 Security Operation Center Experience Threat Detection & Response Experience Threat Detection Technologies Experience RESPONSIBILITIES: a. SIEM: The ability to conduct correlated searches and analysis utilizing a Security Incident & Event Management system. b. Network: The ability to Analyze and dissect packets and validate threat signatures c. Endpoint: Ability to perform basic static forensic analysis of Systems and Files d. Email: Demonstrated ability to analyze email attributes such as Headers, and the ability to apply appropriate countermeasures to enhance email defense e. Cloud: The ability to analyze anomalous detected traffic based on defined attack policies, ability to validate the treat and then determine remediation steps and present findings) f. User & Entity Behavior Analytics: demonstrated capability to recognize and respond to various anomalous patterns of Users and Entitys activity to detect malicious intent. g. Web Application: familiarity with various types of code-based attacks and the ability to detect and respond to them h. Data Loss Prevention: Demonstrated capability to analyze DLP events and the ability to detect Data exfiltration through covert channels. i. Document As-Is and To-Be playbooks for existing and future processe. j. Coordinate and facilitate meetings such as process reviews, requirements, and various status reports RISKS (required by MTA Risk Management): All work when On MTA premises will be desk work only performed within the Cyber Security Operation Center (CSOC) Environment. QUALIFICATIONS EXPERIENCE & EDUCATION: Knowledge of Enterprise Networks & Security infrastructure, Communication and internet security systems, Firewalls, Intrusion Protection Systems, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Database, computer systems, security event analysis and forensic investigations. Organizational, decision making, and communications skills. Knowledge of network security operations with a solid understanding of the technology and attention to detail. Creative problem-solving abilities, coupled with a desire to take on responsibility. Strong team player with the ability to engage and promote a cohesive unit. Ability to handle multiple tasks in a fast-paced environment and prioritize highly varied work in order to maintain required productivity levels. Ability to communicate technical' info and ideas so others will understand. Ability to make appropriate decisions considering the relative costs and benefits of potential actions. Ability to apply collaborative skills and traits that create solutions and results to unexpected situations. Bachelors degree in Computer Science, Cyber Security, Information Technology or related discipline OR a satisfactory equivalent with 4-6 years of Information Technology experience. Additional Skills and Information: Security Event Monitoring, Network Event monitoring, Email Header Analysis, Packet Capture inspection, Malware Triage & Analysis, SIEM (Splunk) & TIP Experience Keywords: information technology Idaho IT Security Operations(Cyber Security) || NYC || Onsite [email protected] |
| [email protected] View all |
| Tue Apr 02 23:55:00 UTC 2024 |