Title: IT - Cyber Security Threat Analyst /Specialist- Expert
Location: Concord, CA 94518
Duration: 6 months+, contract to hire and/or high chance of contract extension.
**LOCAL & NON-LOCAL ARE OKAY AS LONG AS THEY ARE READY TO BE ONSITE ONCE SIP IS LIFTED**
**SWING SHIFT: Monday to Friday 2/2:30 PM - 10:30 PM**
**Equipment: Laptop until PG&E laptop can be provided**
- Prior Incident Response experience
- Prior Security Operations Center (SOC) experience
- Malware analysis experience
- Endpoint experience
This is a challenging and fast-paced position in the Security Intelligence and Operations Center (SIOC), which is responsible for detecting, analyzing and responding to any suspicious cyber security activity across business and operational networks.
The SIOC is a critical team within the broader Information Security team, which is led by the Vice President - Chief Information Security Officer.
- Bachelor's degree in Computer Science or related field, or equivalent work experience
- 6 years of Information Technology experience, with at least 4 years of experience in information security working within incident response/forensics or equivalent functions
- Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) experience
Knowledge, Skills, and Abilities/Technical Competencies:
- Previous experience with a variety of cyber investigation tools
- Strong technical skills including malware analysis, memory forensics, live response techniques, registry analysis, scripting, and other relevant technical security skills
- Experience investigating and mitigating APT style attacks
- Strong case management and forensic procedural skills
- Intelligence driven defense utilizing the Cyber Kill Chain
- Deep knowledge of log, network, and system forensic investigation techniques
- Deep knowledge of diverse operating systems, networking protocols, and systems administration
- Deep knowledge of commercial forensic tools
- Deep knowledge of common indicators of compromise and of methods for detecting these incidents
- Deep knowledge of IT core infrastructure and cyber security components/devices
- Deep knowledge of TCP/IP Networking and knowledge of the OSI model
- Significant experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, and intrusion prevention logs
- Excellent problem-solving, critical thinking, and analytical skills - ability to deconstruct problems
- Strong customer service skills and decision-making skills
- Significant experience with packet analysis (Wireshark) and Malware analysis preferred
- Working knowledge of PG&E infrastructure preferred
- IBM QRadar experience
- Experience with scripting in Perl/Python/Ruby/PowerShell
- Experience with both desktop-based and server-based forensics
- Malware reverse engineering skills
- SANS Cybersecurity certificate, WCNA, or similar
- Strong sense of professionalism and ethics.
- Acts with integrity and communicates honestly and openly
- Ability to build rapport and cooperation among teams and internal stakeholders
- Respects others and demonstrates fair treatment to all
- Methodical and detail oriented
- Actively seeks to enhance the group through the sharing of knowledge
Please send your updated resume in Word format with contact details ASAP to .