[Noisebridge-jobs] [Job] Intermediate/Senior Intrusion Detection System Engineer – Mountain View, CA

Irish irish.masms at gmail.com
Fri Jan 13 21:04:36 UTC 2012

Hello fellow hackerspace members!

We have a handful of positions in the local area with Mandiant
[http://mandiant.com/], as well as positions in SFO proper. All the
positions are on the Mandiant career page
but there is one position we are actively looking to fill for work in
the Mountain View area. If you have a strong technical background,
practical experience in information security and find yourself itching
for the chance to improve intrusion detection capability, then we want
to hear from you!

Join MANDIANT's Computer Incident Response Team (MCIRT) as an
Intrusion Detection System (IDS) Engineer and become part of a rapidly
growing and successful organization focused on today's emerging cyber
security threats. The successful candidate will possess current
technical skills and have experience supporting a 24x7 Security
Operations Center (SOC) in the areas of network security monitoring
and detection operations.

Operate and maintain enterprise Intrusion Detection System (IDS)
sensors distributed nationwide.
Ensure high reliability of IDS sensors by responding to and resolving
system issues.
Configure and manage feeds into enterprise event aggregation and
correlation systems (e.g. Splunk, ArcSight).
Optimize analyst effectiveness by ensuring signature quality in
collaboration with analysts and developers.
Maintain IDS signature deployment and repository, to include signature
tuning, analysis and development.
Ensure the integrity, availability and uptime of IDS and related
systems, to include performance base lining and measurement.
Document processes and procedures of all IDS and related
infrastructure operations and monitoring.
Document incidents and daily activities into designated system and/or format.
Provide on-call support during non-core business hours.
Assist technical team members to integrate IDS capabilities with other systems.
Assist technical team members with technical insight facilitating
ongoing incidents and mitigations.

Proven understanding and in-depth knowledge of Linux/UNIX platforms
and administration.
Proven understanding and in-depth knowledge of regular expressions.
Proven understanding and in-depth knowledge of scripting languages
(e.g., Perl, Python, Unix/Linux shell).
Experience with Intrusion Detection Systems (e.g., Snort/Sourcefire)
deployment, management, optimization, troubleshooting and use.
Familiarity with IDS/SIEM integration methodologies and best/common practices.
Familiarity with Intrusion Detection System signature development and
Experience with server and network equipment deployment, management,
optimization, troubleshooting and use.
Experience with network monitoring tools (e.g., tcpdump, Wireshark)
and understanding of network packets.
Solid understanding of network protocols and experience in traffic
analysis and packet inspection.
Ability to support implementation efforts for new technology
capabilities and transition them to production.
Ability to document and explain technical details clearly and concisely.

Thorough understanding of computer networking, routing and protocols.
Mastery of Unix/Linux and Windows operating systems.
Familiarity with OS X operating system.
Experience correlating security event data and leveraging SIM/SIEM frameworks.
Hands on experience with a variety of different IDS/IPS and SEIMs.
Familiarity with offensive attack sequences and defensible security.
Experience with network intrusion detection, monitoring and support,
to include understanding of common network threats, vulnerabilities
and possible mitigations.
Experience with writing and editing technical documentation and
operational procedures.
Experience analyzing network logs, syslogs, and/or IDS alert logs.
Working knowledge of desktop word processing and communications
software (Microsoft Office, Visio, Project, PowerPoint, Excel, etc.).
High level of project coordination/management skills to manage the
execution of maintenance activities, network outages and upgrades.

Bachelor's degree, or a combination of experience and/or Associate’s
degree. Degree must be from an accredited institution, degree in a
technical discipline preferred.
Minimum of five years of Information Technology and/or Information
Security experience.
Candidate selected will be subject to a US Government background
investigation and must meet eligibility requirements for access.
Willingness to travel up to 10%.

LOCATION: This position is located in Mountain View, CA

*MANDIANT does not sponsor employment-based visas.


Position to apply:

Full details are listed in the posted position description on the
career site – background in different operating systems and networking
environments a plus. Having Security or Network Operations Center (NOC
or SOC) or Computer Security Incident Response Team (CSIRT) a big
plus. A willingness and desire to learn is a really big plus.

Thank you for your attention, and for passing along to any colleges
who may be interested.

More information about the Noisebridge-jobs mailing list