Security Engineer

Company Name:
The Recruiting Division
Network Security Engineer
This is a consulting role located in Westport, CT. Financial services experience is required.
The Network Security Engineer will be responsible for scanning networks to identify potential vulnerabilities and for evaluating and analyzing suspected malicious code using forensic tools, disassemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers. Working directly with senior-level information security and consulting professionals, you will provide your findings to the team to compile into technical reports with details of the vulnerability, identification parameters, advanced capabilities, and mitigation strategies. You will also have an opportunity to perform research in the area of malicious software, vulnerabilities, and exploitation tactics, and will participate in the addition of new tools and techniques to enhance the company's response capabilities. You should be knowledgeable about information and cyber security threats, how they will impact a business, and what exposure and risks are associated with the loss of PHI/PII, and you should be able to identify security vulnerabilities.
Perform remote and onsite live-response activities, analyze the output and identify vulnerabilities to mitigate additional data theft.
Assist senior team members with the identification of network vulnerabilities, interact as a team player to provide guidance to non-technical team members, and assist project managers with updating tasks and communications.
Interact with IT, networking, and information security departments to assess the state of an identified vulnerability, act on scanning and analysis required to further shut down nefarious actions, and provide intelligence to senior team members.
Work with monitoring companies to understand what data is captured, where the threat exists, and to provide further analysis and remediation steps.
Perform basic Live-Response actions, analyze the output and provide guidance to first responders for mitigation on end-point computers. Ability to interact effectively with technical and non-technical audiences.
Act upon information security threats found by information security-related tools and applications.
Prepare internal reports regarding findings and next steps.
Assist with the implementation and management of sandbox environments.
Conduct static and dynamic software code analysis.
Analyze firewall, network and host intrusion and prevention systems.
Maintain software tool kits for remote, on-site and in-lab use.
Perform live memory and data collections and static data collections, including but not limited to servers, firewalls, and intrusion detection (host and network).
Ability to effectively work in a team environment.
Document the specimen's attack capabilities, understand its propagation characteristics, and define signatures for detecting its presence.
Ability to reverse engineer attacks, software and other suspect activities.
Use tools such as ArcSight.
Provide an explanation of how a vulnerability affected a client network, and how to remediate the issues.
Minimum 3-5 years demonstrated experience in a combination of the following: software code analysis, and reverse engineering.
Should be familiar with implications on a network caused by botnets, malware and viruses (ingress and egress).
Ability to troubleshoot problems proactively and to answer questions and handle issues as they arise.
Effective time management skills and strong problem-solving skills; ability to handle change and be flexible with respect to functions and responsibilities.
Proficiency with ArcSight is a strong nice-to-have.
Recommended certifications: SANS GCIH or GCFA, GPEN, CISA, CISM, CISSP, CEH certification(s) or equivalent.
Proven experience in successfully identifying malicious binaries residing in memory and in varying computer data types and storage mediums.
Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
Experience with open source and commercial malware analysis tools.
