Company Info

Conquest Technology Solutions

19 C Trolley Square, Wilmington, DE - USA
Wilmington, DE, United States

Phone: 415-424-4275
Web Site: www.conq-tech.com



Information Security Engineer


Job ID: 1159
Location: Washington, DC, United States
Category: Information-Technology
Salary: Open per hour
Job Views: 390
Zip Code: 20001
Employment Type: Contract - W2, Contract - 1099
Posted: 06.20.2014

Job Description:

Information Security Engineer
Client: World Bank
Location: Washington, DC
Duration: 1 year
 
New Position:
  • WB-27 Information Security Engineer in Washington, DC
    • All submissions must include a completed “WB Employment Verification” form
    • All submissions must be received by 8am EST on Wednesday, June 25th in order to be considered
Must Haves:
  • Mid-level security incident response and monitoring. Typically candidates who have worked in a security operations area.
  • Experience with ArcSight and a network analysis tool such as Network Forensics
Nice to Haves:
  • Encase Certification
  • McAfee ePO Management Suite and tools
  • Windows MSTS Certifications for Vista/Windows 7.
  • Cisco CCNA Certified.
  • Certified Ethical Hacker +
  • Global Information Assurance Certifications (GIAC) and Information Systems Security Management Professional (ISSMP) preferred
  • Possession of Certified Information Systems Security Professional (CISSP) certificate
 
The Information Security Engineer would be expected to work in the following areas:
 
Security Monitoring
  • Provide Information Security Operations Center (iSOC) support on a 24x7x365 basis by shift work with rotation
  • Monitor multiple security alert sources, identify and triage significant security events, determine impact and threat severity, escalate according to established procedures, and open trouble tickets using the OIS Case Management System.
  • Review automated daily security reports of key security controls, escalate critical security events to the appropriate stakeholders and follow-up as required.
Incident Response
  • Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures
  • Participate in all the phases of incident response process, including detection, containment, eradication, and post-incident reporting.
  • Record detailed Incident Response activities in the Case Management System.
Monitoring Responsibilities:
  • Monitor the ArcSight security console for security alerts, triage, and establish threat levels based on asset classification and data classification. Create tickets in Case Management System.
  • Monitor mail service accounts (abuse, OIS general, eServices, etc.) for security events, triage, and establish threat levels based on asset classification and data classification. Create trouble tickets in Case Management System.
  • Respond to phone calls from the customer's Network Operations Center and Global Support Center, determine severity of event, assign, and/or escalate to the appropriate staff based on established procedures.
  • Review daily ArcSight alert reports, escalate and follow up with the appropriate stakeholders. Analyze and confirm lower level alerts with client technical staff. Open tickets in Case Management System.
  • Monitor Honeypot database and Netflow reports, triage, and create tickets in Case Management System.
  • Monitor corporate anti-virus infrastructure security alerts and reports.  Create tickets as required in Case Management System.
IR Responsibilities:
  • As assigned by the Case Management System, perform investigations of the client's corporate systems, desktops and network using standard operating procedures and methods, looking for indications of attack and/or compromise as indicated from alerting infrastructure.
  • Confirm threat classification of case assignments; escalate according to standard operating procedures.
  • Submit security related change requests for actions needed to remediate security events.  Escalate as needed to NOC/On-call personnel.
  • As assigned by the Case Management System, remediate desktop malware, communicating with respective IT Staff/OIS as needed.
  • Where appropriate, submit malware from investigative work to anti-virus vendor for new anti-virus signatures, follow-up with vendor.
  • Provide details of investigations in Case Management Systems.
  • Provide daily updates of assigned and outstanding IR cases.
  • Provide feedback to client staff in the enhancement of forensic gathering process capabilities and analysis.
  • Provide ongoing analysis and review for indications of attacks, including Forensic Incident Response, Triage and Repair in coordination with the Incident Response Team.
  • 7+ years’ experience in the computer industry, with focus on networks and Microsoft Windows.
  • 4+ years’ experience in information security and incident response, with the ability to find and remediate malware in a Windows environment.
  • Working knowledge of IEEE 802.3 and 802.11 computer networking and Cisco/Juniper IOS and management platforms.
  • Demonstrated command of Microsoft Windows environment.
  • Scripting in .vbs, .bat, Unix shell and Perl.
  • Demonstrated written and oral communications, decision-making, and problem solving skills
  • High level of motivation, confidence, integrity, and responsibility
  • Demonstrated interpersonal skills, including the ability to work independently and effectively on a team/task force as a team member or leader, and interact with senior staff and managers.

