Job Requisition: R-3222 Info Security Engineer

As a senior member of the team, monitor and process responses for security events. (The CIRT team must be available 24x7x365 with periodic on-call shift coverage.)
Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
On major incidents, act as incident commander and primary point of contact.
Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
Evaluate current CIRT standards and procedures and update or author new content as required.
Leverage a deep understanding of current and evolving security threats and threat detection solutions, and contribute to the company's threat and vulnerability research and IT security strategy and roadmap.
Leverage automation and orchestration solutions to automate repetitive tasks. (Scripting abilities with Python are highly desired.)
Investigate and document events to aid incident responders, managers and other CIRT team members on security issues and the emergence of new threats.
Responsible for malware investigations, forensic analysis and investigation, and cyber incident response in both on-premises and cloud environments.
Support threat assessment and continuous monitoring programs as needed, including vulnerability assessments, penetration testing, documentation and follow-ups.

Desired Skills:
Python (scripting for automation)
Splunk, FireEye Helix, Symantec, Cisco
Network Packet Analysis with Wireshark/Zeek
Relevant Certifications considered a plus
Knowledgeable in the Incident Response Cycle
NIST Standards

Requirements:
Deep experience working with various SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.
Experience driving measurable improvement in monitoring and response capabilities at scale.
Knowledge of a variety of Internet protocols
Track record of acting with integrity, taking pride in work, seeking to excel, being passionate and adaptable, and communicating effectively (verbal, written)
Demonstrable critical thinking and problem-solving skills
Experience working in a global operational environment

Neustar does not accept unsolicited resumes from external firms or agencies. Neustar will not be responsible for placement fees associated with unsolicited resumes.

DIVERSITY
Diversity, inclusion and teamwork are second nature to Neustar, and these values permeate our entire business structure. Neustar is committed to creating an environment where a wide spectrum of opinions and beliefs are actively sought, listened to and respected. Further, our talented workforce draws from the many geographic areas and markets in which Neustar operates worldwide, which represents a distinct competitive advantage. The rich and varied personal and professional backgrounds of our employees make Neustar a dynamic and rewarding company at which to build a career.

Job Description: Info Security Engineer - NeuCIRT
Neustar is seeking a senior incident response security engineer for Neustar's Cyber Incident Response Team (NeuCIRT). NeuCIRT is responsible for security monitoring and rapid incident response across all Neustar environments.