Information Security Analyst

Profile

Information Security Analyst

The candidate will proactive threat hunting with SIEM, log collection, parsing, enrichment, and normalization technologies. Perform advanced packet analysis (such as the ability to read and extract relevant information from a PCAP). Intrusion Kill Chain familiarity, including common delivery, exploit and post-exploitation attacks such as privilege escalation techniques in Windows. Utilize deception technology to increase detection capabilities. Long Tail analysis. Assists in the management of security technology processes and solutions, which include endpoint protection, vulnerability management, content filtering, and intrusion detection systems. Participate in the security design and management of the Firm’s network infrastructure. Assist with management of perimeter security, including next-gen firewalls and DMZ. Participate in various training programs for IT staff regarding security controls and disciplines. Conduct incident detection, response, containment, eradication and recovery across IT systems, including identifying and handling suspicious files, static and interactive malware analysis, developing response processes (particularly with automation and orchestration), monitoring events, summarizing, and reporting findings. Check server and firewall logs, network traffic, establishing and updating virus scans, and troubleshooting. Analyze, report, and resolve as appropriate the findings from vulnerability scans, and penetration tests. Conduct user activity audits and perform internal forensic review when required. Stay abreast of current technologies, security compliance requirements, standards, industry trends, and current attack techniques. Bachelor’s degree from an accredited university in CS, IT, CIS, or a computer related field is desired. Should have current experience across a broad spectrum of data security disciplines, including Microsoft solutions and infrastructure and intrusion detection and prevention. Familiarity with OSQuery, Zeek/Bro, Sysmon, WEF, Wireshark, Process Monitor, and RITA is required. Familiarity with C#, Bash, and Python is desired. Strong background with firewall products, IDS, IPS, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc. is desired. Knowledge of security best practices across multiple platforms, including Linux, Windows, VMWare, and Cisco IOS is required. GCIA, GCDA, GCED, GCIH, GCFA, or GNFA certification preferred and OSCP is also desirable.

Additional Information

Job ID: 1727. No calls.

Company info

O'Melveny & Myers LLP.
LeKieah Williams
717 Texas Avenue Suite 1200
Houston
Texas
United States 77002-2819
Website : https://www.omm.com/