Security Consultant

• Responsible for conducting incident response operations according to documented procedures and industry best practices.
• Able to interact with executive levels throughout the company.
• Must have extensive experience in multiple security areas such as SIEM, EDR, XDR, ASM, IDS, APT, and WAF.
• Will be required to participate in multiple intelligence communities and be able to disseminate pertinent informationthroughout the SOC.
• Ideal candidates should have extensive experience in Linux and Windows operating systems, deep knowledge of networking and attack methods such as SQLi and pivoting.
• Enthusiasm and interest in Information Security must be displayed.

• Knowledge of network security zones, Firewall configurations, IDS policies
• Knowledge of systems communications from Layer 1 to 7
• Experience with Systems Administration, Middleware, and Application Administration
• Experience with Network and Network Security tools administration
• Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes.
• In-depth experience with log search tools such as HP Arcsight, Splunk, usage of regular expressions and natural language queries
• In-depth knowledge of packet capture and analysis
• Experience with Security Assessment tools (NMAP, Nessus)
• Ability to make create a containment strategy and execute.

• Intrusion Detection in Depth – SEC503 (GCIA certification) or equivalent
• Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification) or
• equivalent.
• GIAC Continuous Monitoring (optional GMON certification) or equivalent
• Advanced digital forensics and Incident Response - FOR 508 (Optional GCFA certification) or equivalent

• Computer Forensic Investigation such as Windows Forensic Analysis FOR408 – (Optional
• GCFE certification)
• Perimeter Protection in Depth – SEC502 (optional GCFW certification)
• Advanced Security Essentials – SEC501 (optional GCED certification

IBM