Information Security Engineer – Incident Response and Forensics
Entertainment & Media Industry Company
San Francisco, CA, United States
Job Details:
Role Description:
You will be responsible for designing, building and deploying systems to protect Company against advanced threat adversaries. You will build and optimize solutions to track down and contain malicious activity, security violations, vulnerabilities and other threats against Company’s information assets, and additionally hunt down targeted malware and other targeted threats on the Company network. You will perform forensic analysis as part of the Incident Response process, and you will mature and enhance the Forensics program, including maintaining global forensics solutions for Company. You will build reverse engineering capabilities to identify indicators of compromise and enhance threat intelligence. You will evangelize security practices to protect Company against information security risks.
About You:
Are you motivated, self-driven, and passionate about your work? You perhaps enjoy coming up with innovative ideas to solve complex security problems. You are often compelled to write tools for the greater good. You absolutely love automation and think Python is a godsend, and if you are writing regex then Perl is your tool. You enjoy listening to Risky Business on your commute to work, or reading the latest tweets from Dan Kaminsky or Moxie Marlinspike. If so, then you are in the right place; keep reading.
If you choose to join the Company’s Enterprise Information Security Team, your mission will be to ensure that our customers' most precious data remains secure. This is an exciting opportunity in a growing security team where you will get a chance to work in many different security areas ranging from infrastructure security, security architecture and engineering, security operations, incident response, and red teaming. You will also get an opportunity to share your ideas, thoughts and problems with your peers outside the company.
Primary Responsibilities:
• Maintain and enhance Company’s formal forensics program that drives Company’s capabilities in Anytime Anywhere Forensics.
• Be part of Company’s information security incident response program, which drives the information security monitoring, detection and response capabilities that protect organizational assets.
• Design solutions to enhance security incidents detection, correlation and remediation capabilities.
• Perform memory forensics and malware reverse engineering and analysis, and extract IOCs (Indicators of Compromise).
• Hunt down targeted malware and defend against active adversaries.
• Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts.
• Perform project leadership tasks on select security projects.
• Evangelize security throughout the enterprise and drive changes needed to respond to emerging threats.
Required Skills & Qualifications:
• Master's degree (M.S.) in computer science or related field, or Bachelor's degree (B.A.) and equivalent work experience
• 3-5 years’ experience in the field of information security in each of the following areas: Incident Handling, Intrusion Detection, Forensics, Endpoint Security solutions.
• Experience with host- and network-based forensic tools such as EnCase, FTK, Sleuth Kit, SIRT, GRR, MIR, Cyber Triage, the BlackLight toolset, etc.
• Strong experience in post-incident forensics using log analysis and endpoint detection & response tools. Good working knowledge of SIEM solutions.
• Experienced in evidence collection and preservation procedures.
• Experience with, or familiarity with, operating a threat-intelligence-based incident response process. GCIH certification preferred.
• Experience with Threat management systems and familiarity with IOC sharing standards.
• Experience with sandboxing technologies, reverse engineering and malware analysis. GIAC GREM certification preferred.
• Strong background in packet analysis, host and network security tools and network & encryption protocols.
• Strong Windows, Unix/Linux and OS X experience. Experience using open source tools to complete analysis.
• Experience understanding and interpreting complex technical tasks and simplifying them into executive summaries.
• Experience writing incident reports that are applicable to multiple audiences with different levels of technical expertise.
• Excellent analytical skills, organizational skills, ingenuity and the ability to work as part of a team.
• Certified forensic examiner. GIAC GCFE or GCFA certification preferred.
Desired Skills:
• Advanced interpersonal skills to effectively promote ideas and collaboration at the various levels of the organization
• Knowledge of mobile & cloud security, including experience implementing security controls
• Experience working with security vendors, including submitting feature requests, evaluating products and analyzing the security functionality of a diverse set of products
• Experience writing security white papers and/or presenting security products and technologies to diverse audiences
• Programming skills, including automation using scripting languages; experience with Python preferred
• Any of the following certifications a plus: GIAC (various), Security+, CEH, Microsoft, ITIL