ADVISOR, CYBERSECURITY CONSULTING - US
Posted: 01/14/2022
list
Job Description
ACCOUNTABILITIES
- Provides holistic security advice through network, host, database, device, and people/process environments to a wide range of internal business stakeholders.
- At advanced stages, leaders of business units and embedded security champions may provide software or portfolio-level advice.
- In one or more fields, it usually provides deeper knowledge and experience.
note
Requirements
**Candidate need to answer some Pre-Screen Questions**
- How to investigate a phishing email?
- what does the status message 200, 302, or 400 mean when investigating suspicious web traffic?
- Please provide an example Splunk query, where you have an endpoint log source and we want a unique list of hostnames that triggered EventCode 4625?
- Scenario-based: A user reports that his computer is acting strangely and is requesting CSIRT to investigate what the issue is. He provides the IP address 192.168.1.5 for his laptop that is running Windows 10. Assume the analyst has access to all the security tools and is not allowed to communicate with the user. Just need to use security tools do perform the investigation. Present the steps you'd take to investigate this problem.
The candidate should have a strong background in the following:
- Splunk power user or extensive experience with Splunk, dashboard and alert creation experience.
- Excellent experience in SIEM configuration/maintenance
- Good experience with Splunk log ingestion
- Excellent network analysis, packet captures, IDS/IPS
- Strong MITRE ATT&CK framework that can translate into Splunk alerts
work
Responsibilities
- Works with clients to mitigate compliance risks in terms of safe product setup, implementation and how they match and conform to relevant security protocols and guidelines.
- Guides clients in the development and enforcement of security control
- Prioritizes own work and may have responsibilities to instruct, guide, delegate and supervise the work of more junior team members
- Understands and contributes to the approach, regulation, guidelines, and processes for cybersecurity
- Build and offer workshops on cybersecurity issues to professional and non-technical audiences.
- Translates cybersecurity specifications for a single customer, software or project into specific frameworks, apps and model designs
alarm_on Work arrangement
Site: Remote - Texas, United States
Location: Remote - Texas, United States
Position:
Consultant
Location:
Austin, Texas
Division:
MagRabbit USA