Previous Job
Previous
Infrastructure-Information Security Management | Information Security - San Antonio, TX 78251
Ref No.: 18-01459
Location: San Antonio, Texas
Job Title: Infrastructure-Information Security Management | Information Security
Location: San Antonio, TX 78251
Position Type: Contract
Rate: DOE

Job Description:
  • Minimum 5 years of Experience in security incident response, vulnerability management and security operations activities Ability to work with minimal supervision, self-motivated and should be able to manage stakeholders.
  • Excellent knowledge on using advanced incident analysis and investigation techniques for security incidents to contain and resolve them
  • Able to collect and analyze detailed host information through host monitoring tools – including command line tools as necessary
  • Experience working in a risk based environment including mitigation, planning and implementation.
  • Able to collect and analyze detailed enterprise logs using splunk, collecting logs of systems directly and experience with L1 malware analysis
  • Deep Understanding of common Attack Vectors DDoS attacks, Phishing Attacks, and Malware Analyze Security related events, user submissions and detected alerts using SIEM and various native security tool management consoles.
  • Perform initial triage of same events using established processes to determine criticality, perform containment/corrective actions.
  • Record triage activities in security incident response system
  • Utilize SIEM tool Splunk effectively in triage events and Splunk search capabilities Familiar and should possess multi-domain architectural knowledge/exposure is desired – Windows/Linux/Network/Proxies/Email gateway/Tanium/FireEye/Symantec, should be able to use tools such as Wireshark or equivalent tools, security alert monitoring using Splunk or other SIEM tools experience Vulnerability scanning using Qualys or any other tool, experience with vulnerability remediation activities, qualify new vulnerabilities and impact to the environment, patch governance activities
  • Others – Must be able to build relationships with internal/external stakeholders and achieve the security incident resolution; Should be comfortable to work with onsite/offshore teams and provide technical guidance/leadership to offshore teams Articulate Client requirement to internal team/developers to arrive defined scope of the project.