Link Technologies is looking for a Senior Security Engineer with at least 3 years of large-environment monitoring, analysis and incident response experience for a contract-to-hire position with one of our Las Vegas gaming clients.
Essential Job Functions:
Monitor the company's intrusion detection and prevention systems and other security event data sources on a 24x7x365 basis.
Determine if security events monitored should be escalated.
Correlate data from intrusion detection and prevention systems with data from other sources such as Firewall, web server, and DNS logs.
Develop ad hoc and automated reports as necessary to satisfy the need for information and trending on issues seen, action taken, next steps, recommendations, etc.
Responsible for tuning and filtering of events and information, creating custom views and content using all available tools.
Maintain system baselines and configuration management items, including security event monitoring "policies".
Coordinate with appropriate organizations regarding possible security incidents.
Conduct intra-office research to evaluate events as necessary, and maintain the current list of coordination points of contact.
Produce reports identifying significant or suspicious security events to appropriate parties.
Review assembled data with Firewall administrators, Network engineering, system administrators and other appropriate groups to determine the risk of a given event.
Review and evaluate network modifications and recommend security-monitoring policy.
Establish procedures for handling each security event detected. The Analysts should follow these procedures, once approved.
Maintain knowledge of the current security threat level by monitoring related Internet postings, Intelligence reports, and other related documents as necessary.
Be able to create and add user-defined, or custom, signatures to compensate for the lack of monitoring in threat areas, as warranted by the threat. This includes creating content in STRM (Q1 Labs) and ISS as needed.
Maintain a network diagram depicting the relevant security checkpoints in the network.
Develop and implement a monitoring methodology using STRM (Q1 Labs) and ISS.
Use Unified Modeling Language (UML) Use Case Diagrams and processes that identify procedures for correlating security events.
Identify misuse, malware, or unauthorized activity on monitored networks.
Maintain proficiency and skills through relevant training, conventions, conferences, and on the job training.
At least 3 years supporting cyber security analysis & incident response of enterprise networks in a large corporate setting.
5+ years overall IT experience
Thorough understanding of cyber security fundamentals and industry best practices
Experience with Juniper NAC (IC series, Odyssey), Juniper VPN (SA series), IBM ISS, Websense, IronMail, STRM (Q1 Labs) ISS.
Candidate should have experience with Large Scale NMS & logging systems such as Spectrum, eHealth, Splunk, Junos Space, and related tools.
Candidate should have experience with network troubleshooting tools like Clearsight Analyzer and/or Wireshark
CISSP or equivalent experience
JNCIS Security or equivalent experience
Nice to haves include:
Familiarity with ITIL Change Management
Excellent written and verbal communications skills
Experience working within large and complex technical environments
Exceptional customer support skills
Strong technical writing skills
Strong problem solving and root cause analysis skills
A history of delivering projects on time and correctly sized
To apply, please send your resume in MS Word format and reference Job ID # 5268.