• MDR Senior Analyst

    Job Locations US-TX-San Antonio | US-Telecommuter
    Posted Date 1 week ago(1/7/2019 10:48 PM)
    Job ID 2019-2093
    Category Security Consulting Services
  • Overview

    At Fidelis Cybersecurity, Inc. our mission is to protect the world’s most sensitive data by equipping organizations to detect, investigate and stop advanced cyber-attacks.

    Attackers are relentless and clever. They hide their exploits deep inside networks, email and endpoints. Fidelis digs as deep as attackers hide. With Fidelis, customers will know when they are being attacked, and they can retrace attackers’ steps and freeze them in their tracks.


    We don’t just read the headlines at Fidelis. We live them. Our elite team of incident responders is in the trenches every day assisting customers to manage their way through critical security incidents of all kinds. This seat on the front lines gives us a unique view to see what works and what doesn’t when it comes to keeping attackers at bay.


    Take a seat with our preeminent team and be a part of our mission to give our customers the power to combat today’s sophisticated advanced threats with a robust, comprehensive portfolio of products, services, and expertise.

    Responsibilities

    Fidelis Cybersecurity is currently seeking Senior Intrusion Analysts with skills and experience specifically in intrusion detection, network traffic and packet analysis, threat hunting, and malware analysis. These individuals will be members of a Managed Detection and Response (MDR) team based in San Antonio, TX. This 24x7x365 team is responsible for remotely defending the corporate networks of companies across the globe. We are looking for individuals who are not only passionate about cyber security but also passionate about defending our customers' computing environments, and who will take pride in doing so.

    Candidates must possess a fundamental knowledge and understanding of network and security operations as well as network monitoring procedures. They must also have experience with various types of Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Content Filtering (WCF) systems, Security Information and Event Management (SIEM) solutions, and sandbox technologies, along with knowledge of best practices for network security architecture and signature development. Knowledge of CERT procedures and NOSC operations is also desirable.


    Responsibilities


    Day-to-day responsibilities will include the following:

    • Real-time monitoring and retrospective analysis of alert, session, statistical, file, host, and full PCAP data leveraging numerous aggregation, correlation, orchestration, reporting, and visualization platforms
    • Ensure uptime, availability and integrity of all security systems (active/passive) and the data sets that they produce
    • Ability to recognize known attacks or suspicious/malicious activity within network flows
    • Signature tuning, analysis, and development
    • Apply updates to various toolsets based on documented processes and procedures
    • Documenting processes and procedures of all security related operations

    Qualifications

    Job Requirements:

    • Knowledge of TCP/IP as well as network analysis using various toolsets (TCPDump, Wireshark, etc.)
    • Must have a minimum of 2 years of Linux experience
    • Must have a minimum of 2 years of network security experience

    Desirable Requirements:

    • Possess a basic understanding of regular expressions and scripting languages (Perl, Python, etc.)
    • Possess a basic knowledge of hacking techniques and attack methodologies as well as mitigations of those techniques and methodologies
    • Demonstrate an ability to work independently with minimal supervision
    • Demonstrate an ability to handle concurrent projects and assignments
    • Demonstrate a desire and willingness to continue to expand your area of knowledge in security best practices and technologies
    • Focus under pressure and respond appropriately to critical situations or incidents
    • 5+ years' experience in a technical role focused on any of the following: networking, endpoint management, cloud, data science, or reverse engineering
    • Analyze malicious code, packet capture files, and artifacts
    • Identify gaps in security visibility and develop and propose strategies to fill gaps
    • Identify and propose automated alerting strategies for new and previously unknown threats
    • Work collaboratively with peers and teach and mentor junior hunters/analysts
    • Strong written and oral communication skills
    • Demonstrated enthusiasm for learning new things and ability to pick up new ideas quickly


    Location: San Antonio, TX


    Diversity is important to us:

    At the heart of our company is a diverse group of employees who rely on their intimate knowledge of customer requirements and a unique blend of skill and innovation to develop and deliver the best possible products and services. Fidelis encourages the inclusion of all people and a work environment free from discrimination.

    We are dedicated to the principles of equal employment and advancement of people based on their individual qualifications, skills and abilities. This commitment is supported by policies and procedures that foster a nondiscriminatory workplace. Guided by a rigorous code of ethics that is applied with integrity, these fundamental characteristics are reflected throughout our organization and are key components of the strength we deliver to our customers.
