Hiring Company: Mahantech Corporation
Location: Raleigh, NC,
North Carolina
Job Type: Contract
Salary: $DOE per Hour
Experience Desired: 6 - 8 Years
Last Update: Jan 22, 2019 01:43:00 PM
Full Job Description:
Job Description:
The Position will support the Enterprise Security and Risk Management Office (ESRMO) Incident Response team and monitor networks and systems using various security boundary tools and capabilities for anomalous activities, triage and remediate as appropriate.
Duties and Responsibilities:
• Support/assist ESRMO with real-time monitoring and triage of incident received.
• Work collectively with other team members on incident analysis and response, and coordinate with external agencies on resolution of incidents.
• Support efforts on threat hunting, network, host, and malware analysis, sensor tuning and custom signature creation.
• Support the application of cyber intelligence to improve security operations.
• Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures.
• Assist in efforts to detect, confirm, contain, remediate, and recover from attacks.
• Assist in the preparation of executive summaries and conduct briefings on significant investigations.
• Ensure adequate metrics and documentation of team operations for leadership and other constituents.
• Participate in other activities relating to security and privacy incident management
Knowledge, Skills and Abilities / Competencies:
• Network investigation experience, to include NetFlow and packet/protocol capture and analysis.
• Endpoint/host forensics experience.
• SIEM experience
• Strong critical thinking, problem solving, and organization skills
• Strong teamwork and collaboration skills
• Good written and verbal communication skills
• Ability to pass a security clearance background investigation
• Sound cyber security knowledge foundation, to include understanding of
• Adversary TTPs
• Network technology and common protocols
• Network security
• Host security
• Malware
• Security tools and sensors.
• Ability to work with little to no supervision.
• Proven ability to multi-task and work under stress.
• Strong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people.
• Prefer GCIA, GCIH, CISM, or CEH
Required Skills:
1. Enterprise level experience with SIEM Technologies. Required (3 Years)
2. Enterprise level Network Security/Architecture experience. Required (3 Years)
3. Enterprise level Intrusion Detection/Prevention experience. Required (3 Years)
4. Experience preserving evidence integrity/forensics in enterprise environments. Required (3 Years)
5. Proven experience recognizing and categorizing types of vulnerabilities and associated attacks in enterprise environments. Required (3 Years)
6. Packet analysis experience. Required (3 Years)
7. Identify, capture, contain and report malware in enterprise environments. Required (3 Years)
8. Enterprise experience preserving evidence integrity/Forensics. Highly Desired (3 Years)
9. Enterprise experience developing and deploying signatures. Highly Desired (3 Years)
10. CEH, GCIH, GCIA or equivalent certification. Highly Desired (3 Years)
Nice to have:
• SIEM Technologies
• Network Security
• Intrusion Detection and Prevention
• Packet Analysis
Company Type: Not Specified
Contact Name : Roopa
Contact Phone: 304-220-5059 Ext: 2003
Contact Email :
Number of Views: 355