*Information Security Consultant with SIEM (RSA Analytics) skills*

*Charleston, SC*

*6+ Months Contract*

*Essential Functions/Responsibilities:*

- Experienced in administration and configuration of SIEM (RSA security analytics platform)
- To fine tune, manage, set up alerts, configure, customize, develop parsers and integrate with RSA ticketing tool
- Perform analysis of log files, including forensic analysis of system resource access.
- Experience in IDS/IPS, Firewalls, DLP, Anti-Virus and various security tools
- Work with security tools to configure host IDS/IPS policies (Cisco CSA agent, Symantec SEP, McAfee Host Intrusion Prevention) pertaining to enabling audit trails, log collection and troubleshooting of collector issues
- Responsible for tuning HIDS policies for individual hosts
- Would monitor security events received from customer's monitored servers, and then take appropriate action based on customer's security policy.
- Perform triage on events/alerts which are reported by various detection devices to filter out things such as false positives and known accepted activities
- Conduct basic correlation and investigation by using the client provided tools and using other approved network services.
- Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns is a must
- Understand and act upon Vulnerability Assessments on OS, DB and Firewalls (at least one of Nexpose, Qualys, Nessus, Skybox, Nipper) and preferred knowledge on patching tools
- Knowledge of Security Incident Life Cycle and preferred knowledge of working in a CERT
- Experience with security assessment tools (NMAP, ISS, Nessus, Metasploit, Netcat)
- Experience with Systems Administration and in-depth knowledge of Windows and UNIX servers
- Experience with DLP preferred (RSA, Digital Guardian, McAfee DLP)
- Strong analytical and problem-solving skills are needed to perform the job
- Would monitor network security events received from customer's monitored servers, and then take appropriate action based on customer's security policy.
- Assist customers with security related issues and remediation
- Responsible for reviewing alerts escalated by Level 1 analysts.
- Responsible for troubleshooting agent software issues.
- Reviewing customer reports to ensure quality and accuracy
- Responsible for tuning HIDS policies for individual hosts. Perform ongoing management and backup monitoring of HIDS server
- Network security: Understand the standard network model and the risks present. The functions of network equipment and to understand network architecture.
- Experience of liaising with external security product vendors

--
Thanks & Regards
Rohit Gupta
roh...@vbeyond.com
908-988-0329 Ext-222