Senior Analyst - File Integrity Mgt/Tripwire/Firemon
Company Name:
Macy's
Overview:
The Sr. Analyst, Information Security Response will perform daily monitoring of security events to detect threatsthrough analysis and investigations and prioritize incidents based on risk andexposure. This position will respond to security alerts and manage escalatedincidents through the incident response process requiring experience withcreating reports and excellent communication skills for incident management.
The Sr. Analyst, Information Security Response should have experience andunderstanding of multiple security platforms and layers including Anti-virus,Firewalls, Proxy servers, Intrusion Prevention Systems, LoggingCorrelation/management, Operating systems, Protocols and Incident Response.
Macy's Systems & Technology(MST) is the information technology division of Macy's Inc. Macy's Inc. is thenation's largest operator of department stores with over 800 department storelocations in 46 states. In addition, we operate major catalog and internetoperations for Bloomingdale's and Macy's. Macy's Systems & Technology isheadquartered in Johns Creek, a suburban setting northeast of Atlanta, Georgia.
We offer competitive salaries,comprehensive benefits, employee fitness center and a merchandise discount.
Key Accountabilities:
The Sr. Analyst, Information Security Response provides 24x7 monitoring of security detection devices in order todetect potential attacks as they occur and to provide information to onprevious malicious network attacks.
Respond to escalated security events or incidents and implementcounter-measures to reduce and/or mitigate further exposure. The analystperforms triage on events which are reported by various detection devices tofilter out things such as false positives and known accepted activities.
Perform system analysis and create reports to display trends and overallstatistics based on correlated security incidents and event data to producemonthly exception and management reports. Report unresolved network securityexposures, misuse of resources or noncompliance situations using definedescalation processes.
Other Duties as Assigned.
Decision Making:
The Sr. Analyst, Information Security Response makes decisions based on security events and situations that arises andwill make recommendations to management based on actions taken, incident statusand potential exposure and/or risks. The analyst will continue to be engagedwith management to provide updates and status to help clarify any decision thatis needed to made about a current security incident or risk exposure.
Skills
Summary:
o Maintains effective and efficient network or PC operating environment bymonitoring performance and identifying hardware, software and configurationsolutions.
o Instructs users on advanced features/functions of business and multipleapplications software.
o Resolves high impact and/or complex, chronic or cross-functional problems.
o Performs miscellaneous technical and administrative tasks in support of theLAN or PC environment.
o Identifies and alters/corrects all document sources affected by updates orchanges.
o Training and Coaching of other Information Security Analysts will berequired.
o Writes clear problem descriptions and instructions to aid other individualsor groups in problem duplication and resolution.
o Creates documentation for new programs or procedures (operations, user andprogrammers).
o Ability to create detailed and/or focused documentation and reports
o Skilled with support documentation tools in work environment
o Ability to explain technical concepts to technical or non-technical personnel
o Ability to communicate effectively verbally and in writing
o Minimum of 5 years' experience in IT or Information Security.
o Have experience with LogRhythm or other SIEM technology (HP ArcSight/McafeeNitro Security).
o Knowledge or skill to create AIE and/or correlation rules to detect threats
o Able to create daily reports and understand alerting workflow processes.
o Ability to understand, analyze and correlate security events and implementcounter-measures to mitigate against intrusion attacks.
o Maintaining security monitoring and reporting appliances in addition toleading and analyzing security reporting.
o Understanding of Incident response methodologies and assist with coordinatingsecurity incidents.
o Strong knowledge of TCP/IP, HTTP, FTP, cookies, authentication, virusscanning, web servers, SSL/encryption and reporting packages.
o Ability to decode and understand traffic flow at packet level traces (skilledwith TCPDUMP, PCAPs, traffic generators, etc).
o Identify common network and web site attacks such as SQL injection, crosssite scripting, remote file inclusion and cookie manipulation.
o Understanding of web applications authentication, session management,requests, form submission processes.
o An understanding of a wide array of server grade applications to includeLotus Notes, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory,Identity Management, Patch Management, LDAP, SQL, and others
o Experience with a host based FIM (File Integrity Monitoring) solution (Tripwireor similar).
o Working knowledge of Juniper SSL VPN Appliances.
o Experience or working knowledge of Cisco ACS (Tacacs).
o Working knowledge of RSA SecurID Token environments
o Experience or working knowledge of Cisco Routers and switches.
o Ability to perform IDS / IPS real-time monitoring analysis and/or networkforensics.
o Working knowledge of Check Point Firewalls R70/R75 including Provider-1 .
o Experience or working knowledge of Cisco ASA 5500 and FWSM Firewalls.
o Working knowledge of Enterasys IDS/IPS and Behavior Flow Appliances and the SIEM/DSCCconsoles.
o Have an understanding and working knowledge of regulatory and audit mandatesto ensure environments meet PCI, FFIEC, SOX and corporate standards.
o Bachelor's Degree and 5-7 years of related experience or an equivalentcombination of education and experience.
Macy's is an equal opportunity employer, committed to a diverse and inclusive work environment.
Company Description:
Macy's, Inc. is one of the nation's premiere Omni channel retailers, employing a diverse workforce of approximately 172,500 associates. The company operates the Macy's and Bloomingdale's brands with about 840 stores in 45 states, the District of Columbia, Guam, and Puerto Rico, as well as the Macy's and Bloomingdale's websites and 13 Bloomingdale's Outlet locations. Company shares are traded under the symbol M on the New York Stock Exchange.Estimated Salary: $20 to $28 per hour based on qualifications.
Macy's
Overview:
The Sr. Analyst, Information Security Response will perform daily monitoring of security events to detect threatsthrough analysis and investigations and prioritize incidents based on risk andexposure. This position will respond to security alerts and manage escalatedincidents through the incident response process requiring experience withcreating reports and excellent communication skills for incident management.
The Sr. Analyst, Information Security Response should have experience andunderstanding of multiple security platforms and layers including Anti-virus,Firewalls, Proxy servers, Intrusion Prevention Systems, LoggingCorrelation/management, Operating systems, Protocols and Incident Response.
Macy's Systems & Technology(MST) is the information technology division of Macy's Inc. Macy's Inc. is thenation's largest operator of department stores with over 800 department storelocations in 46 states. In addition, we operate major catalog and internetoperations for Bloomingdale's and Macy's. Macy's Systems & Technology isheadquartered in Johns Creek, a suburban setting northeast of Atlanta, Georgia.
We offer competitive salaries,comprehensive benefits, employee fitness center and a merchandise discount.
Key Accountabilities:
The Sr. Analyst, Information Security Response provides 24x7 monitoring of security detection devices in order todetect potential attacks as they occur and to provide information to onprevious malicious network attacks.
Respond to escalated security events or incidents and implementcounter-measures to reduce and/or mitigate further exposure. The analystperforms triage on events which are reported by various detection devices tofilter out things such as false positives and known accepted activities.
Perform system analysis and create reports to display trends and overallstatistics based on correlated security incidents and event data to producemonthly exception and management reports. Report unresolved network securityexposures, misuse of resources or noncompliance situations using definedescalation processes.
Other Duties as Assigned.
Decision Making:
The Sr. Analyst, Information Security Response makes decisions based on security events and situations that arises andwill make recommendations to management based on actions taken, incident statusand potential exposure and/or risks. The analyst will continue to be engagedwith management to provide updates and status to help clarify any decision thatis needed to made about a current security incident or risk exposure.
Skills
Summary:
o Maintains effective and efficient network or PC operating environment bymonitoring performance and identifying hardware, software and configurationsolutions.
o Instructs users on advanced features/functions of business and multipleapplications software.
o Resolves high impact and/or complex, chronic or cross-functional problems.
o Performs miscellaneous technical and administrative tasks in support of theLAN or PC environment.
o Identifies and alters/corrects all document sources affected by updates orchanges.
o Training and Coaching of other Information Security Analysts will berequired.
o Writes clear problem descriptions and instructions to aid other individualsor groups in problem duplication and resolution.
o Creates documentation for new programs or procedures (operations, user andprogrammers).
o Ability to create detailed and/or focused documentation and reports
o Skilled with support documentation tools in work environment
o Ability to explain technical concepts to technical or non-technical personnel
o Ability to communicate effectively verbally and in writing
o Minimum of 5 years' experience in IT or Information Security.
o Have experience with LogRhythm or other SIEM technology (HP ArcSight/McafeeNitro Security).
o Knowledge or skill to create AIE and/or correlation rules to detect threats
o Able to create daily reports and understand alerting workflow processes.
o Ability to understand, analyze and correlate security events and implementcounter-measures to mitigate against intrusion attacks.
o Maintaining security monitoring and reporting appliances in addition toleading and analyzing security reporting.
o Understanding of Incident response methodologies and assist with coordinatingsecurity incidents.
o Strong knowledge of TCP/IP, HTTP, FTP, cookies, authentication, virusscanning, web servers, SSL/encryption and reporting packages.
o Ability to decode and understand traffic flow at packet level traces (skilledwith TCPDUMP, PCAPs, traffic generators, etc).
o Identify common network and web site attacks such as SQL injection, crosssite scripting, remote file inclusion and cookie manipulation.
o Understanding of web applications authentication, session management,requests, form submission processes.
o An understanding of a wide array of server grade applications to includeLotus Notes, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory,Identity Management, Patch Management, LDAP, SQL, and others
o Experience with a host based FIM (File Integrity Monitoring) solution (Tripwireor similar).
o Working knowledge of Juniper SSL VPN Appliances.
o Experience or working knowledge of Cisco ACS (Tacacs).
o Working knowledge of RSA SecurID Token environments
o Experience or working knowledge of Cisco Routers and switches.
o Ability to perform IDS / IPS real-time monitoring analysis and/or networkforensics.
o Working knowledge of Check Point Firewalls R70/R75 including Provider-1 .
o Experience or working knowledge of Cisco ASA 5500 and FWSM Firewalls.
o Working knowledge of Enterasys IDS/IPS and Behavior Flow Appliances and the SIEM/DSCCconsoles.
o Have an understanding and working knowledge of regulatory and audit mandatesto ensure environments meet PCI, FFIEC, SOX and corporate standards.
o Bachelor's Degree and 5-7 years of related experience or an equivalentcombination of education and experience.
Macy's is an equal opportunity employer, committed to a diverse and inclusive work environment.
Company Description:
Macy's, Inc. is one of the nation's premiere Omni channel retailers, employing a diverse workforce of approximately 172,500 associates. The company operates the Macy's and Bloomingdale's brands with about 840 stores in 45 states, the District of Columbia, Guam, and Puerto Rico, as well as the Macy's and Bloomingdale's websites and 13 Bloomingdale's Outlet locations. Company shares are traded under the symbol M on the New York Stock Exchange.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
