Information Systems Security Engineer

Eclaro has a full-time opportunity for an Information Systems Security Engineer for a client in Menlo Park, CA.

Essential Functions include:

- Monitor and analyze security events and identify trends, attacks, and potential threats.
- Create, document and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of all security incidents.
- Collect, analyze, and disseminate commercial and open-source threat intelligence.
- Research emerging threats, and prepare detailed threat intelligence reports.
- Correlate threat intelligence and vulnerability assessments with active attacks within the enterprise.
- Facilitate the integration of threat and data feeds for the purposes of incident response.
- Organize and conduct incident response exercises, incorporating resources both internal and external to the client's Health IS Information Security team.
- Maintain familiarity with prevailing and emerging threats and vulnerabilities.
- May work with Federal and/or state and local law enforcement agencies.
- Conduct cyber-forensic investigations to reconstruct events from digital evidence and develop an understanding of the intent, objectives and activities employed by cyber threat actors, providing recommendations regarding countermeasures.
- Develop, research and maintain proficiency in tools, techniques, countermeasures and trends in computer and network vulnerabilities.

Knowledge, Skills, and Abilities include:

- 3 or more years of experience in Information Security (5+ years preferred) with 2+ years in an incident response, SOC Analyst, or penetration tester role.
- Strong analytical and problem-solving skills are required.
- Experience and proficiency with any of the following: Intrusion analysis, Host-Based Forensics, Network Forensics, Malware Analysis concepts and methods.
- Experience working with and/or managing a SIEM and/or Data Loss Prevention (DLP) solution.
- Experience working with commercial and/or open-source threat intelligence feeds.
- Knowledge of global threats to cyber security and understanding of the tools and tactics utilized by threat actors.
- Advanced knowledge of the threat landscape and threat intelligence methodologies.
- Ability to make thoughtful decisions on remediation and countermeasures.
- Thorough understanding of network defense technologies, TCP/IP networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing.
- Experience with a scripting language (Perl, Python, or other) in an incident response environment.
- Extensive Windows, Mac, Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, web browser forensics and file carving.
- Demonstrated understanding and experience with incident response best practices and standards.
- Ability to use sound judgment to make justifiable decisions and act to solve problems.
- Excellent written and verbal communication skills, including presentation skills, are important to be successful in this role. Proven ability to effectively communicate with all levels of the organization, as well as with external parties.
- Ability to plan, organize, prioritize, work independently and meet deadlines.
- Knowledge of local, state and federal regulatory requirements related to areas of functional responsibility.

Preferred Qualifications:

- Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., HIPAA, PCI DSS, etc.), and desktop, server, application, database, and network security principles for risk identification and analysis very helpful.
- Experience with and knowledge of proxy technologies, antivirus solutions, protocol analyzers, vulnerability scanners, endpoint monitoring tools.
- Experience with Next Gen firewalls, IPS/IDS, SIEM, WAF, Encryption, and Mobile security.
- Experience in digital forensics and tools associated with the task such as EnCase, FTK.
- Experience in reverse engineering malware and tools associated with the task such as IDA Pro, OllyDbg.
- At least one relevant industry certification or willingness to obtain one within the first calendar year: GCIH, CCIA, GIAC, CISSP, CISM, CISA.

To apply to this position contact Jeanine Hastings, 646-755-9303, jth@eclaro.com - provided by Dice
