The Goal is seeking a Security Analyst for a client in Chantilly, Virginia.
As an Analyst, you will be responsible for working with different security tools utilized throughout the organization such as:
– FireEye EX, HX and NX
– Palo Alto next-generation firewall
– McAfee endpoint security tools
– Proofpoint email security and protection
– Securonix insider threat management
– Rapid7 Nexpose vulnerability scanner
– QRadar and Splunk SIEM
– Implement QRadar in a complex network environment and assist security analysts in building operational processes around the QRadar ecosystem
– Develop QRadar content and correlation rules for malware detection
– Configure, troubleshoot and leverage security devices such as QRadar Packet Capture, Cisco Sourcefire IPS, Cisco ASA firewalls and FireEye EX/NX
– Perform Computer Security Incident Response activities for a large organization and coordinate with other enterprise IT teams to record and report incidents. Work incidents from cradle to grave.
– Create, modify, and update Sourcefire and Palo Alto IDS/IPS and Security Information Management (SIEM) tool rules
– Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
– Proven leader with excellent oral and written communication skills
– Capable of working with a security team of varying experience levels to effectively monitor and investigate security incidents as well as make recommendations to improve the security posture of a large organization
– Must be able to work independently and complete projects with little supervision
– Must have excellent analytical and problem-solving skills as well as interpersonal skills to interact with users, team members and senior management
– Must have a strong foundation of Network and Security Skills, fundamental knowledge of Windows, Linux, and Cisco operating systems, networking protocols and network traffic analysis, and information security
– Experience with FireEye, RSAM, EnCase, Yara, OllyDbg, IDA Pro a plus
– Security certifications a plus.