Cyber Security Analyst

  • Full-time

Company Description

K3 Solutions, LLC (K3) is a leading technical solutions and services company that offers a broad range of expertise in systems modernization efforts, applications support, and business process management services. Our collaborative approach, innovative solutions, and focus on adding value provide our clients with a cost-effective path to addressing, managing, and achieving all of their mission objectives and business goals.

Job Description

Security Monitoring - Responsible for the security monitoring and reporting of IT system resources; Responding to and investigating incidents identified by the SOC; Defining the activities that are logged and monitored to detect abnormal or unusual behavior that may need to be investigated; Providing 24x7 CSIRT response; Preparing management reports; Managing, maintaining, and updating supporting Security Monitoring technologies; Working with technology owners to ensure successful delivery and security of audit/log data.

-Analyze security data, including intrusion detection system (IDS) events, system logs, firewall logs, and network traffic, in response to security events and incidents;

-Implement new technologies / processes to support Information Security intrusion detection activities;

-Monitor security intelligence feeds and analyze impact to system infrastructure.

Intrusion Detection - Consult/Assist in the monitoring of network and host security infrastructure; Consult/Assist in the performance of impact assessments and validation of attacks (successful/unsuccessful) against the IT infrastructure; Assist in the design, deployment, and configuration of countermeasures as appropriate; Review/identify current vulnerabilities, attacks, and appropriate countermeasures; Interface with other technology owners to ensure proper detection of potential security issues.

-Understand business impact of security incidents and recommend corrective or preventative action.

Vulnerability Management - Collect vulnerability and threat information from vendors, researchers, and other sources; Perform correlation of threat/vulnerability sources to provide recommendation on potential actions and assessment of overall security threat posture.

Incident Management - Conduct Information Security Investigations/Forensics analysis; Participate in Computer Security Incident Response teams.

-Collect, preserve, and analyze computer evidence in support of Information Security investigations / Incident Response process.

Qualifications

MUST BE STRONG with EnCase

Skill level: Senior (7+ yrs.)

Previous Security Operations Center (SOC) experience

-Prior Forensic Analysis experience preferred. Experience using EnCase Forensics, FTK, Helix, and other open-source tools a plus.

-Must be able to work independently and in a team environment

Finance and/or Mortgage experience required

Additional Information

Education/Experience

-4-year degree in Information Security, Computer Science, Information Technology, Management Information Systems or equivalent work experience

-GSEC, GCIH, CCNA, CISSP or similar security related industry certification

-Experience in system administration/security administration of multiple platforms and operating systems such as Solaris/AIX/Linux and Microsoft Windows Server

-Demonstrated knowledge of network security, protocols, architecture, and packet analysis

-Strong knowledge of malware and anti-malware tools

-Experience with the following security technologies is required: Intrusion Detection Systems (IDS), Vulnerability Scanners, Forensics Tools, Malware Analysis Tools, Log Collection Systems, SIEMs, Data Loss Prevention, and Endpoint Solutions.

-Strong technical analysis writing and communication skills

Security Clearance Requirement

None

Email your resume to [email protected].