*Information Security Consultant with SIEM (RSA Analytics) skills*

*Charleston, SC*

*6+ Months Contract*


*Essential Functions/Responsibilities:*

   - Experienced in administration and configuration of SIEM (RSA security
   analytics platform)
   - Fine-tune, manage, set up alerts, configure, customize, develop
   parsers and integrate with the RSA ticketing tool
   - Perform analysis of log files, including forensic analysis of system
   resource access.
   - Experience in IDS/IPS, Firewalls, DLP, Anti-Virus and various
   security tools
   - Work with security tools to configure host IDS/IPS policies (Cisco CSA
   agent, Symantec SEP, McAfee Host Intrusion Prevention) pertaining to
   enabling audit trails, log collection and troubleshooting of collector
   issues
   - Responsible for tuning HIDS policies for individual hosts
   - Monitor security events received from the customer's monitored
   servers, and then take appropriate action based on the customer's
   security policy.
   - Perform triage on events/alerts which are reported by various
   detection devices to filter out things such as false positives and known
   accepted activities
   - Conduct basic correlation and investigation using the client-provided
   tools and other approved network services.
   - Understanding of common network services (web, mail, FTP, etc.),
   network vulnerabilities, and network attack patterns is a must
   - Understand and act upon Vulnerability Assessments on OS, DB and
   Firewalls (at least one of Nexpose, Qualys, Nessus, Skybox, Nipper) and
   preferred knowledge on patching tools
   - Knowledge of Security Incident Life Cycle and preferred knowledge of
   working in a CERT
   - Experience with security assessment tools (NMAP, ISS, Nessus,
   Metasploit, Netcat)
   - Experience with Systems Administration and in-depth knowledge of
   Windows and UNIX servers
   - Experience with DLP preferred (RSA, Digital Guardian, McAfee DLP)
   - Strong analytical and problem-solving skills are needed to perform the
   job
   - Monitor network security events received from the customer's
   monitored servers, and then take appropriate action based on the
   customer's security policy.
   - Assist customers with security related issues and remediation
   - Responsible for reviewing alerts escalated by Level 1 analysts.
   - Responsible for troubleshooting agent software issues.
   - Reviewing customer reports to ensure quality and accuracy
   - Responsible for tuning HIDS policies for individual hosts. Perform
   ongoing management and backup monitoring of HIDS server

   - Network security: Understand the standard network model and the
   risks present, and understand the functions of network equipment and
   network architecture.
   - Experience of liaising with external security product vendors

-- 

Thanks & Regards

Rohit Gupta

roh...@vbeyond.com

908-988-0329 Ext-222
