Incident Analyst Position, Dublin Ireland

Hey all,

I am posting a position for one of my teams. Just to clear up some likely questions:

1. The position is in Dublin, Ireland and is open to EU residents only. Strong preference is given to Irish candidates.
2. Re-lo money is unlikely unless you are a very strong candidate.
3. I will not be using an outside recruiter for this position.

Please send your resumes direct to me, I prefer plain text format. I really prefer plain text format. A description of the role follows:

Symantec Incident Analysts provide the security intelligence behind the DeepSight Threat Management System. Using an array of tools and their own security experience, they analyze, document and correlate a range of global security incidents, attacker behaviors and malicious code.

Incident Analysts get access to the most sophisticated and real time global monitoring tools available. This system has been used to discover numerous worms, allowing us to warn users and offer an analysis of the worms behavior before other companies even noticed the threat. With the TMS system, anomalies in global network behavior are detected and marked automatically, providing this team with the most up to the minute snapshot of the worldwide security environment. It is then this teams job to find the story behind the numbers, and translate raw data into usable, actionable information for our customers.

In addition, Incident Analysts have access to one of the largest commercially deployed live honeynets. This system has been proven to be successful in obtaining binaries of previously unknown malicious code, allowing the IA team to reverse engineer these samples and be the first group to get detailed analysis to the public.

The Incident Analyst position is best suited to individuals with a keen interest in computer security, or in network forensics, excellent problem solving
skills, and the ability and desire to be part of a fast-moving, dedicated team in a dynamic and
fast-paced environment.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

An Incident Analysts duties include:

Signatures

Analysis of vulnerabilities and malware including their associated exploits, and network behavior. The vulnerability, exploit or malware is explored sufficiently to understand the core security implication and create an IDS signature centered around the threat.

Threat Analysis Reporting

Binary and forensic analysis of malware to detail new threats and capabilities found in undocumented malware. Analysis of new trends in the development or deployment of malware.

Binary and forensic analysis of malware that is propagating aggressively Detail new threats to TMS customers in an aggressive time span. These threats include; new forms of malware, aggressive worms, new exploits or evidence of active exploitation. Create a formalized summary documents of the security issues that have surfaced in our global attack database.

Correlation

Work on correlation tables between attacks and IDS/firewall event. This involves research into IDS and firewall technologies for the purpose of determining which IDS and firewall alerts from different systems are associated with a specific attack.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Technical Skills Required (and when we say required - it's required)

• Strong understanding and previous experience with NIDS
• Strong understanding and previous experience with X86 programming
• Strong understanding of IDA and or related like tools.
• Strong understanding of network protocols and programming.
• Strong writing skills.

Soft Skills Required

• Must be a strong team player and be self motivated. This position is on a well established team devoid of rock star attitudes and I'd like to keep it that way.
• Must be a self starter. This position requires someone who is able to consistently perform without being whipped into action.
• Must be able to communicate issues clearly under stress and must be able to deal with a high stress environment.