Senior Information Security Analyst

Job Title: Senior Information Security Analyst

Type: Contract

Location: Fort Worth TX

JD

Requirements:
10 or more years of fulltime professional experience in the Information Security field
Experience working in a Security Operations Center (SOC) Managed Security Service (MSS) or enterprise network environment.
Investigate events and incidents to gather evidence and analyze in a comprehensive consistent and measurable manner.
Evaluate respond and mitigate alerts that originate from the SIEM and other security tools.
Hunt for suspicious and malicious threats within the environment
Identify common false positives and make suggestions on tuning to reduce alertfatigue.
Join forces with the internal Security Incident Response Team (SIRT) during investigations.
Author investigation reports for technical and nontechnical audience

Qualifications:
Queue management
Experience with SIEM platforms preferred
Familiarity with webbased attacks and the OWASP Top 10 at a minimum
Attack vectors and exploitation
Direct (E.g. SQL Injection) versus indirect (E.g. crosssite scripting) attacks
Familiarity with SANS top 20 critical security controls
Understand the foundations of enterprise Windows security including:
Active Directory
Windows security architecture and terminology
Privilege escalation techniques
Common mitigation controls and system hardening
Experience monitoring EDR AntiVirus (AV) and Host Based Intrusion Prevention (HIPS)
Experience in monitoring at least one commercial AV solution
Ability to identify common false positives and make suggestions on tuning
Understanding of root causes of malware and proactive mitigation
Propagation of malware in enterprise environments
Familiarity with webbased exploit kits and the methods employed by webbased exploit kits
Familiarity with concepts associated with Advanced Persistent Threats and targeted malware
Understanding of malware mitigation controls in an enterprise environment.
Network Based Attacks / System Based Attacks
Denial of Service Attacks
HTTP Based DoS Attacks
Network Based DoS Attacks
Brute force attacks
Covert channels egress and data exfiltration techniques

Desired Qualifications:
Experience working with Incident Ticketing Systems
General security knowledge (GCIA CISSP or other security certifications).