New CSIRT Analyst (CSIRT Senior Incident Response Engineer) Job in San Jose, CA!
Position Title: CSIRT Analyst (CSIRT Senior Incident Response Engineer)

Position Number: 340114

Location: San Jose, CA 95125

Position Type: Temporary

Required Skill Set:

Analysis, Automation, BASH, cyber security, Python, TCP/IP

Position Description:

**C2C is not available**
**Only U.S. Citizens and those authorized to work in the U.S. can be considered as W2 candidates.**
Title:CSIRT Analyst (CSIRT Senior Incident Response Engineer)
Location:San Jose


Day to Day Responsibilities of this Position and Description of Project:

Job Description – CSIRT Senior Incident Response Engineer

Client is seeking a CSIRT IR Engineer to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations into Day shift.

Working within Client Computer Security Incident Response Team (CSIRT) you will have the opportunity to build innovative solutions to identify and mitigate information-security threats. You will work collaboratively to creatively solve complex security problems in a heterogeneous environment. With your contributions, we’re building the best security incident response team in the industry. Your skills, vision, tenacity, and passion will help us defend and respond daily to keep Client critical information assets away from threats and hackers.
Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
Must demonstrate expert knowledge in Incident Response and one or more of the following areas:
Threat Hunting, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis, Data Loss Prevention

Core Job Functions Include:
Investigations – Investigating computer and information security incidents to determine extent of compromise to information and automated information systems, must be familiar with notable event triage, Host Forensics, Network Analysis.
Escalations – Responding to escalated notable events from security tooling to develop/execute security controls, Defense/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
Research – Researching attempted or successful efforts to compromise systems security and designs countermeasures. Stay educated on latest trends, techniques, tactics and procedures.
Communications – Provides information and updates to shift leads, creates pass-downs for the next shift, works closely with supporting teams, provides feedback for new security policy and standards, and engages with other teams.
Digital Forensics – As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country laws.
Coverage – Must be willing and able to perform shift work, weekends, and holidays as well as participate in a rotating shift consisting of four (4) 10 hour shifts with four days on, three (3) days off and rotations across Day, Swing, and Graveyard shifts as needed.
To be successful in this position, you should be proficient with:
Incident Response – Getting people to do the right thing in the middle of an investigation.
Offensive Techniques – Penetration testing, IOCs, and exploits at all layers of the stack. Need to be very familiar with real world scenarios and current attacker behavior.
Logs - you should be very comfortable with a SEIM to be able to gather and analyze logs to recreate incidents and hunt for threats. Should have experience developing and tuning detection logic.
System Forensics – Understanding of image acquisition techniques, memory forensics, host forensics.
Networking Fundamentals - TCP/IP Protocols and associated analysis tools eg. Wireshark/TCPDump.
Scripting – Should be familiar in scripting in at least one of the following: BASH, Python, Perl or a similar language.
Risk Analysis – Taking an event in a particular environment and understanding the practical associated risk is a critical part of our jobs.
Automation – Creating and/or modifying scripts to automate repetitive and mundane tasks, freeing up time to focus on advanced investigations and other projects.
Enterprise Security - Should be familiar with enterprise security issues, working at scale.

Required Qualifications:
Minimum five (5) years of professional experience in incident detection and response, malware analysis, digital forensics.

Send me a reminder to complete this application

Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.

Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.)
Employee Comments
We want you to work with us, but don't take our word for it. Take a look at this sampling of employee comments. They speak for themselves.
About Rose
  • Founded in 1993
  • 21 office locations across the U.S.
  • 130+ Customers; corporations and government agencies
  • Employee Oriented Company
  • Challenging Assignments across the U.S.
  • Continuous Professional Development
  • Challenging, Exciting and Professional Atmosphere
Join Our Team Today!
Follow Us