Dice is the leading career destination for tech experts at every stage of their careers. Our client, Triune Infomatics Inc, is seeking the following. Apply via Dice today!
Role: Security Technical Consultant
Local to Sacramento, CA / Pleasanton, CA
Duration 12 months
Deliverables:
- Proactively identify and assess threats to State Fund's users, network, and data.
- Monitor and respond to reports of malicious activity.
- Respond and investigate intrusions and security events.
- Demonstrate an understanding of State Fund's threat landscape.
- Perform thorough analysis of attacks and anomalous network behavior.
- Provide summarized and detailed analysis and documentation in support of ESEC.
- Perform proficient forensic analysis using security tools and processes.
- Identify Actionable Intelligence by processing Threat Intelligence (TI).
- Demonstrate ability to identify, contain, eradicate, and recover from security incidents.
- Collaborate with State Fund business units, partners, and individuals to mitigate security threats.
- Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices related to forensics and security incidents management.
- Attend meetings/Represent ESEC as a Senior Lead for all security matters.
- Act as Lead/Co-Lead/Backup on assigned ESEC projects.
- Mentor junior staff colleagues.
- Create Standard Operating Procedures and training documents.
Technical Knowledge and Skills:
- Minimum of 5+ years of technical experience conducting security incident response and forensic analysis.
- Working experience of obtaining Cyber Threat Intelligence and making the information usable through the security incident process.
- Working experience of applying IOCs to identify threats in the current environment and applying that information to prevent future vulnerabilities in infrastructure.
- Technical security project management skills.
- Working experience using best-practice standards and frameworks: ISO 27001/27002; PCI DSS v4; GLBA; HIPAA/HITECH; NIST 800-53; CIS Controls; NIST CSF; CIS RAM.
- Working experience, at a minimum:
  - Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
  - Operating Systems: UNIX, LINUX, WINDOWS.
  - Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ.
  - Network Protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
  - Databases: Oracle, SQL, MYSQL.
  - Cloud Platforms: IAAS, PAAS, SAAS.
  - Security Concepts: Encryption, Hardening, etc.
  - Security GRC.
  - Forensic Analysis Tools.
  - Active Directory.
- Programming Languages are a plus.
- Computer Forensic experience a plus.
- Prior SIEM experience a plus.
- Malware analysis skills a plus.
- Experience in managing multiple projects.
- 5+ years' experience in information security and forensics and/or security incident response.
- CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)