Friday, June 12, 2009

Senior Security/Forensic Analyst - SECURITY_212 in New York, NY

The successful applicant who fills this position will provide support for the needs of the company's Information Security department. This position will, in general, be required to perform the duties listed below. As the department evolves to meet new and changing business needs, the position responsibilities may evolve to meet these needs.

DUTIES (include but are not limited to):

- Work with application development groups to generate the necessary detail feeds to the central information security reporting system as required; manage event correlation and security information management systems
- Respond to and remediate information security events related to add/change/deletes and other user privilege changes; review events and follow up on exceptions; respond to and escalate incidents where warranted
- Perform application, log, OS, and network-level forensic analysis for troubleshooting and researching events and alerts
- Work within a closely coordinated team during emergencies, responding to computer incidents; act as a key member of CIRT response
- Establish platform and application report standards as required to solve business problems or needs
- Monitor required daily reports to ensure compliance with company policy, audit, and regulatory requirements
- Ensure the confidentiality of all information accessed as part of job duties
- Help evaluate new/existing technologies, and manage implementation of new technologies and operational procedures

SKILLS (competencies, technical knowledge and general abilities):

- Must have experience working with EnCase EE
- Must have experience with a SIM/SIEM, preferably ArcSight ESM and Logger
- Must be able to work in stressful situations, and work calmly and well under pressure
- Must have the ability to pay close attention to detail, occasionally for prolonged periods of time and under restrictive deadlines, and complete work assignments logically and accurately
- Ability to prepare systems and program documentation with the use of flow charts and narration
- Ability to begin, keep track of, and complete multiple concurrent tasks/projects
- In-depth knowledge of domain structures, user authentication and authorization, encryption and digital signatures, and networking; knowledge of Active Directory, LDAP and other AAA protocols
- In-depth knowledge of operating system, file system, storage, and memory structures
- Knowledge of escalation processes for effective security management
- Knowledge of intrusion detection policies and processes
- Knowledge of the notification process in managing security incidents and recovery
- Knowledge of post-incident reviews and follow-up procedures
- Understanding of the general principles of network and application security
- Knowledge of industry information security standards and best practices
- Knowledge of computer security threats, and how they impact confidentiality, integrity, and availability of this company's data
- Detailed, consistent documentation skills
- Knowledge of the requirements for collecting and presenting evidence: rules for evidence, admissibility of evidence, and quality and completeness of evidence
- Knowledge of NIDS/HIDS, SIM, vulnerability scanning, penetration testing, computer and network forensics, risk management, antivirus, firewalls, Linux, MS Windows, scripting, log and log management, systems and software
- Good problem identification, troubleshooting, triage, and containment skills

EDUCATION and/or RELATED EXPERIENCE:

- Must have experience with platform and application logging and event correlation
- Must have experience with incident response
- Must have experience performing security incident analysis, reporting, and escalation
- Must have one or more certifications such as CISSP, CISA, GIAC, GSEC, EnCE
- Preferred to have prior work experience in the financial industry
- Must have Bachelor's degree and/or minimum of five years of experience in the information security field

WORK ENVIRONMENT: Corporate office setting with high emphasis on communication and interaction with diverse professional staff. Fast-paced environment requiring efficiency, effective time management, and cross-regional teamwork in multiple time zones.

PHYSICAL DEMANDS: This position requires no special physical demands other than those normally required according to the job description. Such demands may include, but are not limited to, word processing, filing, and light physical office activities.

Required Skills: Security Guidelines, EnCase EE, SIM, SIEM

To apply to this job, go to http://www.GadBall.com