Systems Security Analyst
Job Description
- Minimum 5 years of IT experience, with the majority of that time within the security discipline.
- Intimate knowledge of intrusion detection systems, from installation, configuration, and updating to monitoring and investigating alarms and alerts.
- Cisco Network IDS, Cisco Host-based IDS, Snort IDS, Entercept/McAfee HIDS
- Ability to interpret and write Snort-style IDS rules, and knowledge of how to implement these rules in operational IDSs. Ability to review a public exploit or announcement and write a custom IDS rule to monitor for activity on the local network.
- Ability to understand network traffic capture and analysis. Ability to take a PCAP file and determine what the traffic is doing.
- Intimate knowledge of Linux and Windows operating systems. Ability to install and operate a Linux IDS with no help from other members of the Security team. Candidate should be comfortable using Linux as their primary operating system.
- Expert knowledge in computer incident response and experience with computer forensic evidence gathering.
- Working knowledge of firewalls such as PIX and iptables. Ability to interpret firewall rulesets and provide recommendations for them, and to understand why firewalls are necessary and what makes a good firewall ruleset.
- Penetration testing and vulnerability assessment experience. Experience with tools such as Nmap, Nessus, Nikto, Paros, etc. to perform basic and in-depth whitebox and blackbox penetration testing.
- Knowledge of proper system security lockdown (understand the concepts of security technical implementation guides and what actions need to be performed to properly secure a system on the network).
- Knowledge of other network programs and services, such as MySQL, Subversion, Cisco routers and switches, x86 servers, and anti-spam tools such as SpamAssassin.