Title: Director of Information Security & Insider Threat

Company: Dtex Systems

Location: San Jose, CA, US

Description

Responsibilities:

  • Own maintenance of network routing and security products
  • Create, maintain, and refine network traffic flow diagrams for the enterprise network which reflect the current state.
  • Manage network segmentation for a globally distributed workforce that contains a combination of in-office workers, remote workers, and various software development regions (dev, QA, production).
  • Implement network, workstation, server, perimeter, and endpoint logging as required to gain visibility into network activity
  • Monitor aggregated logs for signs of suspicious lateral or internal/external traffic.
  • Conduct network, endpoint, and log analysis by utilizing various consoles on a regular basis (e.g., SIEM, IPS, firewall, etc.).
  • Responsible for proper escalation, communications, and management of IT system problems
  • Configure and manage network monitoring and reporting tools to provide required operational and management information
  • Document procedures and make recommendations for improvements.
  • Create content (correlation rules, queries, dashboards, reports, etc.) in industry-leading SIEM tools such as Elasticsearch.
  • Actively look for opportunities to augment and integrate with data collected from our internal endpoint monitoring solution. 

Requirements:

  • 3+ years of full-time, hands-on information security experience
  • Strong knowledge of information security principles and practices
  • Strong experience with enterprise-grade firewalls and networking equipment
  • Experience with incident response and analysis, preferably in a leadership role
  • Strong knowledge in the use of common information security and networking tools such as nmap, Wireshark, Nessus, etc.
  • In-depth knowledge of TCP/IP and networking concepts, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Strong knowledge of IDS/IPS, enterprise firewalls, proxies and other network security technologies.
  • Strong knowledge of security implications involving a variety of technologies including but not limited to Microsoft, Unix/Linux, and other market leaders in technology solutions, including mobile devices
  • Hands-on experience working with at least one enterprise SIEM platform (e.g., Splunk, ArcSight). Strong knowledge of Elasticsearch and Kibana is preferred.
  • Experience working in a software vendor environment is desirable
  • Strong written and oral communication skills
  • Ability to work independently with little or no supervision
  • Flexible work schedule to troubleshoot escalated issues out of hours and apply production changes where needed
  • Experience working with a geographically distributed and remote workforce.
  • Windows and UNIX/Linux command line scripting experience and programming experience.
