O’Melveny is seeking an Information Security Analyst with a passion for Information Assurance to help us improve our program. The Information Security Analyst provides active defense through event collection and review, threat hunting, vulnerability assessment, malware analysis, and remediation of potential security-related events and incidents.
Duties and Responsibilities:
Conduct proactive threat hunting using SIEM, log collection, parsing, enrichment, and normalization technologies.
Perform advanced packet analysis (for example, reading a PCAP and extracting the relevant information from it).
Apply Intrusion Kill Chain knowledge, including common delivery, exploitation, and post-exploitation techniques such as privilege escalation in Windows.
Utilize deception technology to increase detection capabilities.
Perform long-tail analysis of logs and events to surface rare, anomalous activity.
Assist in managing security technology processes and solutions, including endpoint protection, vulnerability management, content filtering, and intrusion detection systems.
Participate in the security design and management of the Firm’s network infrastructure.
Assist with management of perimeter security, including next-gen firewalls and DMZ.
Participate in various training programs for IT staff regarding security controls and disciplines.
Conduct incident detection, response, containment, eradication, and recovery across IT systems, including identifying and handling suspicious files, performing static and interactive malware analysis, developing response processes (particularly with automation and orchestration), monitoring events, and summarizing and reporting findings.
Review server and firewall logs and network traffic, establish and update antivirus scans, and troubleshoot issues.
Analyze, report, and resolve as appropriate the findings from vulnerability scans and penetration tests.
Conduct user activity audits and perform internal forensic review when required.
Stay abreast of current technologies, security compliance requirements, standards, industry trends, and current attack techniques.
Perform other duties and responsibilities as assigned.
Knowledge, Skills and Experience:
Qualified applicants should have current experience across a broad spectrum of information security disciplines, including Microsoft solutions and infrastructure, and intrusion detection and prevention.
Familiarity with osquery, Zeek (formerly Bro), Sysmon, Windows Event Forwarding (WEF), Wireshark, Process Monitor, and RITA.
Must have strong PowerShell scripting abilities.
Familiarity with C#, Bash, and Python desired.
Strong background with firewall products, IDS/IPS, DMZ design, IPsec, DNS, SMTP, HTTP proxies, etc. is desired.
Knowledge of security best practices across multiple platforms, including Linux, Windows, VMware, and Cisco IOS.
GCIA, GCDA, GCED, GCIH, GCFA, or GNFA certification preferred and OSCP is also desirable.
Knowledge of public-key cryptography and an understanding of encoding, encryption, and hashing techniques, including the differences between them.
Strong verbal and written communication skills are required, including the ability to communicate security risks to both IT administrators and non-technical staff.
Candidate should be able to effectively interact with all levels of staff.
Candidates must be internally motivated and self-driven for excellent results.
Must have strong leadership skills, providing project leadership as needed.
The ability to work in a team or work independently on complex tasks with minimal technical and management guidance is required.
Must be able to meet deadlines and deliver status updates to project team on a frequent basis.
Bachelor’s degree from an accredited university in CS, IT, CIS, or a computer related field is desired.
Professional certifications will weigh in the candidate’s favor.
We offer an excellent salary and benefits package. For more information, or to be considered for this position, please apply online at www.omm.com. Responses will be sent to candidates who closely meet our qualifications. EOE M/F/D/V. No phone inquiries please.