Job Description:

Requisition ID:

As an Incident Response Analyst you will be working with enterprise forensic capable systems, log analysis systems, and network collection systems to respond to incidents at a global scale.

- Be the first responder for cyber-security incidents identified through security event management tools and confirm validity of identified incidents
- Differentiate false positives from true intrusion attempts
- Understand the network, both hardware and software configurations so as to expedite investigations and identify what systems may have been affected
- Support the incident response team by providing correlation analysis, trending, and metrics of all security events on the Network
- Monitor alerts and events utilizing monitoring tools and provide day-to-day security reports on monitored activity
- Manage and resolve Security Operations tickets in a timely fashion
- Work with the Corporate Incident Response Team and Information Security Teams on incidents and initiatives
- Participate in the improvement and/or development of Security Monitoring and Incident Response process and procedures documentation

Basic Qualifications

- 3+ years of experience in information security
- 1+ years of experience working on a computer security incident response team
- 1+ years of experience with in-depth knowledge of live forensics using enterprise forensics tools such as EnCase Enterprise or Mandiant Intelligent Response

Additional Information

- Strong understanding of basic Windows registry, NTFS, malicious documents (Office and PDF), memory, prefetch and Windows event log analysis
- Intermediate understanding of network traffic analysis
- Experienced and proficient with EnCase, AccessData or similar forensics software
- Understand standard forensic methodology
- Familiarity with Windows, Apple, and Linux based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X)
- Intermediate skills in malware analysis for Windows based malware
- Strong analytical, documentation, and communication skills

The following skills are highly desirable:

- Accredited degree in Computer Science or Information Technology
- EnCE and GIAC certifications highly preferred
- Experience with enterprise information security data management tools such as ArcSight or Splunk
- Knowledge of two or more of the following languages (Perl, Python, C, C++, C#, Objective C, Ruby, Lisp, Scheme, IA-32/IA-32e assembly, ARM, Power PC, MIPS, SPARC, Shell, SQL, HTML, CSS, XSLT, XML, Java, or EnScript)

FOR ADMIN USE ONLY: CB12

Bechtel is among the most respected engineering, procurement, and construction companies in the world. We stand apart for our ability to get the job done right, no matter how big, how complex or how remote. The reliability of our performance, the enduring quality of our projects, the strength of our ethics, and the seriousness of our commitment to safety and sustainability are evident in everything we do. Bechtel delivers for its customers what others can only promise. Build your career as you build some of the most challenging and complex projects in the world today.

Bechtel is an affirmative action/equal opportunity employer (AA/EOE).