Previous Job
Previous
Security Incident and Event Management (SIEM) - San Antonio, TX
Ref No.: 18-00700
Location: San Antonio, Texas
Job Title                    : Security Incident and Event Management (SIEM)
Location                    : San Antonio, TX
Position Type           : Contract
Rate                           : Doe
 
No Visa sponsorship available for this Job - no third party C2C agencies.
 
Job Description:
  • Minimum 5 years of Experience in security incident response, vulnerability management and security operations activities Ability to work with minimal supervision, self-motivated and should be able to manage stakeholders
  • Excellent knowledge on using advanced incident analysis and investigation techniques for security incidents to contain and resolve them Able to collect and analyze detailed host information through host monitoring tools – including command line tools as necessary Experience working in a risk based environment including mitigation, planning and implementation.
  • Able to collect and analyze detailed enterprise logs using splunk, collecting logs of systems directly, experience with L1 malware analysis.
  • Deep Understanding of common Attack Vectors DDoS attacks, Phishing Attacks, and Malware Analyze Security related events, user submissions and detected alerts using SIEM and various native security tool management consoles.
  • Perform initial triage of same events using established processes to determine criticality, perform containment/corrective actions.
  • Record triage activities in security incident response system Utilize SIEM tool Splunk effectively in triage events and Splunk search capabilities Familiar and should possess multi-domain architectural knowledge/exposure is desired Windows/Linux/Network/Proxies/Email gateway/Tanium/FireEye/Symantec, should be able to use tools such as Wireshark or equivalent tools, security alert monitoring using Splunk or other SIEM tools experience Vulnerability scanning using Qualys or any other tool, experience with vulnerability remediation activities, qualify new vulnerabilities and impact to the environment, patch governance activities.
  • Others – Must be able to build relationships with internal/external stakeholders and achieve the security incident resolution; Should be comfortable to work with onsite/offshore teams and provide technical guidance/leadership to offshore teams Articulate Client requirement to internal team/developers to arrive defined scope of the project.