American pharmaceutical company.
January 28, 2018

Technical Support Engineer TIER3 (vacancy inactive)

Odesa, abroad, remote, up to $2500

Required skills

Generic Skills
Must understand Windows Security Operations and Architecture including:
— Kerberos Authentication
— NTLM Authentication
— Windows Firewall
— Encryption, Key management, Windows PKI — must understand symmetric and asymmetric keys
— Strong investigation capabilities including
— Facility with Windows logs — must be able to leverage logs
— Various command line internal and external tools to investigate events, flows, and activities
— Reporting: Capability to create reports out of logs and look up log data quickly

Technical Skill Set and Skill Level (Beginner, Intermediate, Advanced, Expert)

Active Directory: Expert
GPO — Skill Level: Expert
PowerShell — Skill Level: Expert
Must be skilled at developing scripts, reading and understanding existing code
PowerShell JEA (Advanced)
DSC (Desired State Configuration): Advanced
Creating and using MOF files
Windows Firewall: Advanced
Ability to manage rules via command line, automate rule creation, reporting and review
User (Logon) Rights management: Advanced

Certifications

Required: SANS GIAC Certified Windows Security Administrator (GCWN)
Desired: Any SANS Forensic or Incident Response certifications

Nice to have

English
Work experience in an international company

We offer

Work in a stable company.
Internship and training in the USA.
Medical insurance
Official employment
Flexible schedule
Decent salary level

Responsibilities

Operational Responsibilities

Incident handling and remediation

Respond to incident alerts from CrowdStrike
Create custom IOC detections from logs and other methods. Establish custom alerts.
Notify and remediate when a breach, malware, or data leak event has occurred.

Patch Management

Create and review reports
Validate completion of patch jobs
Determine highest risk hosts with patch gaps
Establish patching requirements based on existing controls

End Point Protection

Respond to and remediate CrowdStrike alerts
Investigate root cause for alerts

IOC and IOA

Establish and document control requirements for relevant IOCs and IOAs
Create detection mechanisms for these IOCs and IOAs
Create and automate weekly reporting of IOCs/IOAs

User and Privileged Access Account Controls

Daily review of Privileged Accounts
Validate and investigate new accounts
Check account activity for unusual behavior

Threat Hunting

Hunt for threats, breach attempts and successful compromise in our environment using tools like CrowdStrike, Windows Logs, custom tools

Configuration Validation and Enforcement

Tracking and reporting Config Drift
Review host encryption % and status

Generic Reporting

Create daily RFB checks
Create weekly reports on Configuration Compliance

About the project

Salary will be discussed according to experience.