Role: Security Technical Consultant ( Local to CA only)
Local to Sacramento, CA
Duration 12 months
Deliverables:
Proactively identify and assess threats to State Funds users, network, and data.
Monitor and respond to reports of malicious activity.
Respond and investigate intrusions and security events.
Demonstrate an understanding of State Funds threat landscape.
Perform thorough analysis of attacks and anomalous network behavior.
Provide summarized and detailed analysis and documentation in support of ESEC.
Perform proficient forensic analysis using security tools and processes.
Identify Actionable Intelligence by processing Threat Intelligence (TI).
Demonstrate ability to identify, contain, eradicate, and recover from security incidents.
Collaborate with State Fund business units, partners, and individuals to mitigate security threats.
Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices related to forensics and security incidents management.
Attend meetings/Represent ESEC as a Senior Lead for all security matters.
Act as Lead/Co-Lead/Backup on assigned ESEC projects.
Mentor junior staff colleagues.
Create Standard Operating Procedures and training documents.
Technical Knowledge and Skills:
Minimum of 5+ years of technical experience conducting security incident response and forensic analysis.
Working experience of obtaining Cyber Threat Intelligence and making the information usable through the security incident process.
Working experience of applying IOCs to identify threats in current environment and apply information to prevent future vulnerabilities in infrastructure.
Technical security project management skills.
Working experience using best practices standards and frameworks: ISO 27001/27002; PCI DSS v4, GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF; CIS RAM.
WORKING EXPERIENCE, at a minimum:
Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
Operating Systems: UNIX, LINUX, WINDOWS.
Network: LAN WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
Network Protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
Databases: Oracle, SQL, MYSQL.
Cloud Platforms: IAAS, PAAS, SAAS.
Security Concepts: Encryption, Hardening, etc.
Security GRC.
Forensic Analysis Tools.
Active Directory.
Programming Languages are a plus.
Computer Forensic experience a plus.
Prior SIEM experience a plus.
Malware analysis skills a plus.
Experience in managing multiple projects.
5+ Years’ experience in information security and forensics and/or security incident response.
CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)