Hope you are doing great.
Please share me your consultants profile for the role of Sr. Performance consultant .
Role: Information Security Consultant
Location: San Jose, CA
Duration: 6+ Months
· Experienced in administration and configuration of SIEM
· To fine tune, manage, set up alerts, configure, customize, develop parsers and integrate with RSA ticketing tool
· Perform analysis of log files, including forensic analysis of system resource access.
· Experience in IDS/IPS, Firewalls, DLP, Anti-Virus and various security tools
· Work with security tools to configure host IDS/IPS policies (samples tools like Cisco CSA agent, Symantec SEP, McAfee Host Intrusion Prevention ) pertaining to enabling audit trails, log collection and troubleshooting of collector issues
· Responsible for tuning HIDS policies for individual hosts
· Would monitor security events received from customer’s monitored servers, and then take appropriate action based on customer’s security policy.
· Perform triage on events/alerts which are reported by various detection devices to filter out things such as false positives and known accepted activities
· Conduct basic correlation and investigation by using the client provided tools and using other approved network services.
· Understanding of common network services (web, mail, FTP, etc), network vulnerabilities, and network attack patterns is a must
· Understand and act upon Vulnerability Assessments on OS, DB and Firewalls (at least one of Nexpose, Qualys, Nessus, Skybox, Nipper) and preferred knowledge on patching tools
· Knowledge of Security Incident Life Cycle and preferred knowledge of working in a CERT
· Experience with security assessment tools (NMAP, ISS, Nessus, Metasploit, Netcat)
· Exposure to threat hunting
· Experience with Systems Administration and in-depth knowledge of Windows and UNIX servers
· Experience with DLP preferred (RSA, Digital Guardian, McAfee DLP)
· Strong analytical and problem solving skills are needed to perform the job
· Would monitor network security events received from customer’s monitored servers, and then take appropriate action based on customer’s security policy.
· Assist customers with security related issues and remediation
· Responsible for reviewing alerts escalated by Level 1 analysts.
· Responsible for troubleshooting agent software issues.
· Reviewing customer reports to ensure quality and accuracy
· Responsible for tuning HIDS policies for individual hosts. Perform ongoing management and backup monitoring of HIDS server
· Network security: Understand the standard network model and the risks present. The functions of network equipment and to understand network architecture.
· Experience of liaising with external security product vendors
• Strong interpersonal skills are critical, since the candidate will be working with various security and technology stakeholders.
• Strong oral and written communication skills and strong organization skills
• Bachelor’s Degree with min 5 years relevant work experience in high-paced, enterprise environment
• CISA/CISM/CISSP/CRISC/GCIH certifications preferred
Saurabh Mishra | VBeyond Corporation