*Information Security Consultant with SIEM (RSA Analytics) skills*

*Charleston, SC*

*6+ Months Contract*


*Essential Functions/Responsibilities:*

   - Experienced in administration and configuration of SIEM (RSA security
   analytics platform)
   - To fine tune, manage, set up alerts, configure, customize, develop
   parsers and integrate with RSA ticketing tool
   - Perform analysis of log files, including forensic analysis of system
   resource access.
   - Experience in IDS/IPS, Firewalls, DLP, Anti-Virus and various
   security tools
   - Work with security tools to configure host IDS/IPS policies (Cisco CSA
   agent, Symantec SEP, McAfee Host Intrusion Prevention) pertaining to
   enabling audit trails, log collection and troubleshooting of collector
   issues
   - Responsible for tuning HIDS policies for individual hosts
   - Would monitor security events received from customer's monitored
   servers, and then take appropriate action based on customer's security
   policy.
   - Perform triage on events/alerts which are reported by various
   detection devices to filter out things such as false positives and known
   accepted activities
   - Conduct basic correlation and investigation by using the client
   provided tools and using other approved network services.
   - Understanding of common network services (web, mail, FTP, etc.),
   network vulnerabilities, and network attack patterns is a must
   - Understand and act upon Vulnerability Assessments on OS, DB and
   Firewalls (at least one of Nexpose, Qualys, Nessus, Skybox, Nipper) and
   preferred knowledge on patching tools
   - Knowledge of Security Incident Life Cycle and preferred knowledge of
   working in a CERT
   - Experience with security assessment tools (NMAP, ISS, Nessus,
   Metasploit, Netcat)
   - Experience with Systems Administration and in-depth knowledge of
   Windows and UNIX servers
   - Experience with DLP preferred (RSA, Digital Guardian, McAfee DLP)
   - Strong analytical and problem solving skills are needed to perform the
   job
   - Would monitor network security events received from customer's
   monitored servers, and then take appropriate action based on customer's
   security policy.
   - Assist customers with security related issues and remediation
   - Responsible for reviewing alerts escalated by Level 1 analysts.
   - Responsible for troubleshooting agent software issues.
   - Reviewing customer reports to ensure quality and accuracy
   - Responsible for tuning HIDS policies for individual hosts. Perform
   ongoing management and backup monitoring of HIDS server

   - Network security: Understand the standard network model and the
   risks present. Understand the functions of network equipment and
   network architecture.
   - Experience of liaising with external security product vendors

-- 

Thanks & Regards

Rohit Gupta

roh...@vbeyond.com

908-988-0329 Ext-222
