Senior Incident Response Analyst – DELL – Singapore


The IR consultant will predominantly assist with pre and post-sale
opportunities to help demonstrate advanced usage of the NetWitness toolset,
while also providing an opportunity for knowledge transfer and enablement of
clients and internal RSA staff. As opportunities arise, the IR consultant will
also provide RSA customers with pro-active and re-active analysis into the
activities taking place on their networks. Through the capture and expert
analysis of live network traffic utilizing the NetWitness platform, the
consultant will determine the overall state of the network and identify and
report on all areas of concern. The IR consultant will also perform research
and develop techniques to identify and mitigate threats, staying abreast of
all emerging threats and developing creative solutions to solve customer
issues.

Responsibilities:

Assist with Pre/Post sale NetWitness opportunities
NetWitness subject matter expert
Mentor internal RSA staff members on advanced security techniques utilizing RSA toolsets
Conduct incident response engagements
Summarize and report findings to key stakeholders
Network Security Forensics Incident response subject matter expert
Project management
Mentor junior staff members

Required Skills and Experience:

Excellent written/verbal communication and interpersonal skills
Network Security Forensics Analysis Experience utilizing tools such as Wireshark, EnCase, FTK, NetWitness, Security Analytics or similar
Host Based Forensics Analysis Experience utilizing tools such as ECAT, EnCase, FTK, Mandiant, Access Data or similar
Prior Incident Response Security Experience
Network capture traffic analysis and forensics
Malware analysis / reverse engineering techniques and tools would be a plus
Ability to distill complex technical concepts into business terms that decision-makers can use to quickly take action
Expert level knowledge of typical attack vectors and system penetration techniques
Advanced Linux/Windows skills
Familiar with NIST guidelines (800-61, 800-86)
Understanding of Network Protocols and security infrastructure (proxies, firewalls, email filtering technologies, and network intrusion detection systems)

Desired Skills: (Good to have)

Experience with network capture and analysis products and advanced flex parser development
Any prior programming in one or more languages would be a plus (C#.NET or Java (J2EE))
Red Teaming
Chinese, Japanese, Korean or Malay language a bonus

Experience and Education Qualifications:

3 or more years in an incident response role
BS/MS in Computer Science or equivalent experience
Certifications (GIAC, CEH, etc.)
An active security clearance is preferred, not required

Travel

Occasional need for up to 50% international travel.

Job Family: RSA Job ID: R40347