Our client, a platform games developer, is looking for:
Cyber Threat Analysts (Level 1 - 3)
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution)
- Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip)
- Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
- Knowledge of host/network access controls (e.g., access control list)
- Knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS])
- Knowledge of the common attack vectors on the network layer
- Knowledge of the common networking protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and services (e.g., web, mail, Domain Name System [DNS]) and how they interact to provide network communications
- Knowledge of Windows command line (e.g., ipconfig, netstat, dir, nbtstat)
- Knowledge of common network tools (e.g., ping, traceroute, nslookup)
- Knowledge of cyber defense policies, procedures, and regulations
- Knowledge of different types of network communication (e.g., Local Area Network [LAN], Wide Area Network [WAN], Metropolitan Area Network [MAN], Wireless Local Area Network [WLAN], Wireless Wide Area Network [WWAN])
- Knowledge of Intrusion Detection System (IDS) tools and applications
- Knowledge of SIEM, Intrusion Detection System (IDS) tools and applications
- Knowledge of front-end collection systems, including network traffic collection, filtering, and selection
- Knowledge of cyber defense and vulnerability assessment tools, including open-source tools, and their capabilities
- Knowledge of incident response and handling methodologies
- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
- Knowledge of the cyber defense service provider reporting structure and processes within one’s own organization
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
- Ability to interpret and incorporate data from multiple tool sources
- Willing to work on a rotating two-shift schedule