Information Security Lead
SF Bay Area (East Bay) or Albuquerque, New Mexico
Full Time Employment
Our client is building an information security team whose mandate is to detect, prevent and respond to threats to the company’s computer systems. This is a world-class team that is fast-paced, exciting and creative. If working in national security, working with the best tools in information security, working with the highest-level, most motivated team in the industry, having a work-life balance, and doing things a typical corporate security team cannot do are interesting to you, then read on.
The Information Security Lead will direct an agile group of host forensics and incident response personnel. You will work with enterprise forensic-capable systems, log analysis systems, and network collection systems to respond to incidents at a global scale. You will also work with industry-respected malware and network analysts to coordinate a best-in-class response to computer-related incidents.
- Strong analytical, documentation, and communication skills
- Familiarity with Windows, Apple, and Linux-based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X).
- 5+ years of experience in information security
- 2+ years of experience working on a computer security incident response team
- Intermediate skills in malware analysis for Windows-based malware.
- In-depth knowledge of live forensics with enterprise forensics tools
- Analytical understanding of the Windows registry, NTFS, malicious documents (Office and PDF), memory, Prefetch and Windows event logs
- Working knowledge of TCP/IP, DNS, HTTP, SMTP and SNMP.
- Strong understanding of network traffic analysis
- Experience with and proficiency in similar forensics software
- Understanding of standard forensic methodology
- Experience leading agile IR teams
- Accredited degree in computer science or information technology or equivalent years of experience
- Experience with version control software a plus.
- Experience with enterprise information security data management tools
- Maintains or has received a forensics or incident response certification (e.g. EnCE, GCFA, GREM, or GCIA)
- Has taught or informally trained on the subject of incident response or forensics analysis.
- Knowledge of two or more of the following languages (Perl, Python, C, C++, C#, Objective C, Ruby, Lisp, Scheme, IA-32/IA-32e assembly, ARM, Power PC, MIPS, SPARC, Shell, SQL, HTML, CSS, XSLT, XML, Java, or EnScript).
- Programming skills in Python or another language for tool development
- Data, big data, and AI experience would be great but is not necessary
Contact Steven Cass at firstname.lastname@example.org or 650-638-9633 x 301