This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
AVA Consulting - San Jose, CA
posted about 2 months ago
About the position
The Cyber Security Engineer III position at AVA Consulting involves joining a highly visible Cyber Security Incident Response Team (CSIRT) that provides 24/7 support for security operations. The role focuses on investigating security incidents, responding to escalated events, researching security threats, and maintaining proficiency in security tools and techniques. The engineer will also engage in digital forensics and collaborate with various teams to enhance security policies and standards.
Responsibilities
- Investigate computer and information security incidents to determine the extent of compromise.
- Respond to escalated events from security tooling and develop security controls to prevent attacks.
- Research attempted or successful efforts to compromise system security and design countermeasures.
- Maintain proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities.
- Provide information and updates to shift leads and leadership, and create pass-downs for the next shift.
- Engage with other teams through email and conference calls regarding security policies and standards.
- Perform HR investigations and legal holds in a forensically sound manner.
Requirements
- Extensive experience working with various security methodologies and processes.
- Advanced knowledge of TCP/IP protocols.
- Experience providing analysis and trending of security log data from heterogeneous security devices.
- Expert knowledge in Incident Response, Digital Forensics, Monitoring and Detection, or Cyber Intelligence Analysis.
- Proficient in Incident Response and getting people to act correctly during investigations.
- Familiarity with offensive techniques such as penetration testing and IOCs.
- Comfortable using a SEIM for log analysis and incident recreation.
- Basic understanding of image acquisition techniques and memory forensics.
- Knowledge of networking fundamentals and tools like Wireshark/TCPDump.
- Familiarity with scripting in Python, Perl, or similar languages.
- Ability to conduct risk analysis related to vulnerabilities.
Nice-to-haves
- Experience in Security Assessment or Offensive Security.
- Experience in Application Security.
- Experience in Security Operations Center/Security Incident Response.
- Experience in Cyber Intelligence Analysis.
