Estimated Length: 12 Months Work hours:37.50 Est. OT Hrs/Wk:

Requirements

Please Note, this position will require consultants to work onsite

This job is responsible for Cybersecurity Forensics and Investigation activities related to Cyber Security Operation Center (CSOC). This position at the Client is a highly skilled, demanding position with up-to-date, expert security knowledge of Software Programming and Reverse Engineering Code, Coding and Scripting, Cyber Security Forensic Technologies and Tools, Enterprise Network & Security infrastructure, Communication and internet security systems, Windows and UNIX Platforms, Mobile Devices, Firewalls, Intrusion Protection Systems, SIEM, Splunk, RSA Net Witness, Threat Intelligence Platforms, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Database, computer systems, security event analysis and forensic investigation. Candidate should have industry standard security information on current trends, and evolving security of vendor products utilized in enterprise security. Candidate will support various teams of the Cyber Security Operation Center. This will include participating in real-time Forensics and Investigations, Cyber Incident Response, evaluation of advance threats, threat hunting, and statistical analysis. Candidate should have strong knowledge and experience with ICS-SCADA Technologies and PCI environments.

This position will interface with various IT departments and provide information to IT leadership with respect to current infrastructure security events, reporting, investigation monitoring and day to day security operation. The following desired knowledge, skills, and abilities are required for this position. Excellent organizational, decision making and communications skills. Excellent knowledge of network security operations with a solid understanding of the technology. Good to excellent attention to detail. Excellent creative problem-solving abilities, coupled with a desire to take on responsibility. Strong team player and people skills with the ability to engage and motivate fellow staff members to drive results. Ability to handle multiple tasks in a fast-paced environment, and prioritize highly varied work in order to maintain required productivity levels. Ability to communicate technical info and ideas so others will understand. Ability to make appropriate decisions considering the relative costs and benefits of potential actions. Ability to apply varying team player traits that create solutions and results to unexpected situations. Ability to assist and motivate less experienced team members to achieve our goals.

Job Description:
Work alongside / within a group of technical security staff responsible for the management, response, and reporting to all Client Computer and Network security related incidents, performing forensic investigations on advance threat analysis. This position will also be responsible for all statistical analysis, performing simulation and incident testing in a lab environment, correlation of events, trend analysis, comparing against security policy and vulnerability database.
• Examining physical memory dumps, volatile data and system audit captures, NTFS $MFT files, Windows Registry hives, Windows Event logs, running processes, active network connections, system logs, and select file attributes
• Web Application Security - Develop and assist the Client in improving web application security, developing use cases, analyzing and leading incident response related web application security. Along with incidents withing the cloud host platforms such as Amazon and Azure
• RSA Netwitness Application Expert Analyst. must have expert ability to leverage RSA Net witness platform during forensic investigations
• Building and Maintaining Cyber Security Incident Response Plans.
• Must be experienced with conducting tabletop exercises.
• Participate / assist with the management and monitoring, analyzing and reporting of security incident and day to day security events with primary focus on highly critical systems holding PPSI, PCI and HIPPA data to make sure proper security controls are in place.
• Participate / assist with incident reporting and providing forensic investigation reports to management, notifying, and coordinating changes with all Client agencies and departments as a result of security incidents.
• Perform project management and assist with forecasting, budgeting, and monitoring of data security projects and procedures as they relate to Cyber Security Operation Center. Assist the Cyber Security Incident and Monitoring and Security Support team as per Client and New York State security policies and procedures.
• Responsible to provide 24x7x365 level 2 support as it relates to all security incident and play primary role in digital forensic investigation at Cyber Security Operation Center at Client .
• Candidate must have experience with conducting digital forensics on mobile devices
• Assist as directed the CSOC focal point in any Cyber Security investigation that requires involvement with law enforcement agencies.
• Assist with life cycle replacement and upgrades throughout Client for all Cyber Security Incident Response infrastructures.

Important Note: This is an on-site job 

Additional Skills and Information:Client Candidate must possess expert level skills with multiple programming languages and must demonstrate that they can reverse engineer malware code. The Candidate must be an expert in Cyber Security Incident Response processes. Must be proficient with UNIX, Windows, OSX, and Mobile Devices. Candidate must be proficient with the administration of Office365 and all its security features.

Founded in 1995, IIT is a leading provider of Workforce Solutions to Government and Fortune-1000 organizations. IIT is a winner of Inc-500 award. IIT's core services include:

Headquartered in New York, IIT has over 400 consultants deployed at Client Sites. Other IIT highlights include

Our Consultants love working for IIT

Follow us on LinkedIn or Twitter or Facebook

IIT is an Equal Opportunity Employer