Post Tue Dec 27, 2011 5:54 pm

Sr. Incident Responder at Fortune 150 Company

If qualified, please apply at emerson.com
You may also contact me at paul.jaramillo@emerson.com

Job Requires Relocation to St. Louis, MO

Job ID EMR-00000224
Job Description
As a Security Engineer, the candidate must be able to detect and respond to computer incidents across a global enterprise network. Computer Incidents include, but are not limited to, intrusions, malware events, HR violations, insider threats and intellectual property cases. The candidate will be expected to perform the necessary live response tasks, such as log, memory, and registry analysis, in addition to traditional disk forensics in order to complete the investigations. Responsibilities also include monitoring intrusion detection systems and developing custom IDS signatures in response to new threats. Experience in reverse-engineering suspicious binaries is a plus for this role.

Qualifications:

To perform this job successfully, an individual must be able to perform each basic responsibility satisfactorily and meet education and experience requirements.

Education and Experience:

3+ years Experience in Intrusion Detection and Response with the following components required.

Must be able to quickly understand new threats and technical concepts
Must be passionate about information security with a desire to learn
Must be familiar with incident response methodology
Must have an in depth understanding of Windows & UNIX systems
Must have a solid knowledge of networking fundamentals.
Must have experience with log analysis, for example:
Windows, UNIX, DNS, DHCP, Antivirus, Proxy, Email, IIS, Apache, Firewall, VPN
Certifications are a plus but not required, depending on experience:
GCIH, GREM, GCIA

2+ years Experience in Forensic Investigations with the following components preferred.

Digital evidence acquisition
Artifact recovery and analysis
Creating and analyzing timelines
Windows & Unix forensic analysis
EnCase, FTK, and SIFT
Executive and Technical Reporting
Certifications are a plus but not required, depending on experience
GCFA, ACE, EnCE, CCE

Experience with Red Team engagements is a plus

Vulnerability Scanning and Ethical Hacking
Exploit Frameworks (Metasploit, CANVAS, Core Impact)
Web Application Penetration Testing (Samurai, WebInspect, Hailstorm, Burp Suite)
Certifications are a plus but not required, depending on experience
OSCP, OSCE, GPEN
EOE