Infrastructure-Information Security Management - San Antonio, TX 78251
Ref No.: 18-01602
Location: San Antonio, Texas
Job Title: Infrastructure-Information Security Management
Location: San Antonio, TX 78251

Position Type: Contract
Rate: DOE

Details:
  • Minimum 5 years of experience in security incident response, vulnerability management and security operations activities
  • Self-motivated, able to work with minimal supervision and to manage stakeholders
  • Excellent knowledge of advanced incident analysis and investigation techniques used to contain and resolve security incidents
  • Able to collect and analyze detailed host information through host monitoring tools – including command line tools as necessary
  • Experience working in a risk-based environment, including mitigation, planning and implementation
  • Able to collect and analyze detailed enterprise logs using Splunk, collect logs directly from systems, and experience with L1 malware analysis
  • Deep understanding of common attack vectors: DDoS attacks, phishing attacks, and malware
  • Analyze security-related events, user submissions and detected alerts using SIEM and various native security tool management consoles
  • Perform initial triage of these events using established processes to determine criticality, and perform containment/corrective actions
  • Record triage activities in security incident response system
  • Use the Splunk SIEM tool and its search capabilities effectively to triage events
  • Multi-domain architectural knowledge/exposure is desired (Windows/Linux/Network/Proxies/Email gateway/Tanium/FireEye/Symantec); should be able to use Wireshark or equivalent tools; experience with security alert monitoring using Splunk or other SIEM tools
  • Vulnerability scanning using Qualys or any other tool, experience with vulnerability remediation activities, qualifying new vulnerabilities and their impact to the environment, patch governance activities
  • Others: must be able to build relationships with internal/external stakeholders and achieve security incident resolution
  • Should be comfortable working with onsite/offshore teams and providing technical guidance/leadership to offshore teams
  • Articulate client requirements to the internal team/developers to arrive at a defined project scope