Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs.
Prioritizing and differentiating between potential intrusion attempts and false alarms.
Creating and tracking security investigations to resolution.
Composing security alert notifications and other communications.
Advising incident responders on the steps to take to investigate and resolve computer security incidents.
Staying up to date with current vulnerabilities, attacks, and countermeasures.
This position requires the ability to work a shift schedule.
The ideal candidate should be able to multitask and give equal attention to a variety of functions while under pressure.
3-5 years of related experience.
Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments, along with experience working with Security Information and Event Management (SIEM) solutions.
Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
Digital Media Analysis (DMA) and prior computer forensics experience strongly desired, but not required.
Must possess excellent written communication skills and the proven ability to understand and present complex, technical information to both technical and non-technical audiences.
Must be an independent self-starter.