We are looking for an Information Technology Lab Lead who possesses strong experience in the architectural creation, management, operation, and administration of multiple functions that support worldwide consultants who execute digital forensics and incident response work efforts.
This role requires up to 10% travel.
Role Responsibilities
Setup and Maintain Network – Lab Lead/Administrators must set up and maintain a complex IT network. If one is already in place upon hiring, the Lab Lead/Administrator’s job will be to maintain the network.
Monitor and Maintain Users over the Network – The Lab Lead/Administrator will also be required to monitor and maintain users over the network, managing, for example, individual users’ server space, access rights, login availability and other security settings.
Setup and Maintain Workstations and Servers – Lab Lead/Administrators will need to monitor each workstation in an office (or other type of building), ensuring that they are in working condition. She will also be in charge of installing necessary software on each workstation as needed by its users.
In addition, Lab lead/Administrators should be able to resolve most hardware or software problems quickly and efficiently.
Deploy or Install Patches and Updates – Conduct regular patching on servers, hypervisors, VM images, and workstations.
Backup Data Regularly – A Lab lead/Administrator will be expected to safeguard the data of a network by backing up any and all important data regularly. He will also be expected to be able to restore from these backups.
Training – Lab lead/Administrators will be expected to train other employees in the use of advanced programs and group procedures.
Evidence Custodian – Evidence must be handled appropriately. Physical evidence will be ingested, stored, and returned. The Lab lead/Administrator will also be responsible for evidence that is received via the SFTP server and will be required to maintain and troubleshoot the SFTP server.
The Lab lead/Administrator is also responsible for the evidence that is stored on the network. The evidence must be secure and accessible. The admin must regularly back up the evidence and delete evidence upon case completion in accordance with local and government guidelines.
Create and Maintain Virtual Machines – The Lab lead/Administrator will be required to create the appropriate virtual machines required for each case. The admin will need to monitor these machines during their use and is responsible for their deletion upon case completion. The admin will also provide support and troubleshoot any issues with the virtual machines created.
Software Support – The Lab lead/Administrator will be responsible for providing the required software to consultants. This also means the admin is responsible for providing any necessary licensing and for maintaining the software and keeping it up to date.
Hardware Support – The Lab lead/Administrator is required to provide support for any hardware concerns. This may require ordering necessary hardware or shipping out any hardware required by consultants.
Linux Admin – The Lab lead/Administrator will also be required to work with Linux/UNIX based operating systems. The admin will be required to have a good basic understanding of the Linux OS, terminal commands, and general function.
Project Management – The Lab Lead/Administrator will often be required to start and maintain various projects. Projects may include major or minor upgrades to the IT infrastructure of the Lab. Projects may often be required for a large case or when upgrading the lab and related services. It is important that the Lab Lead/Administrator is able to prioritize and organize in order to complete project tasks.
Network Knowledge – The Lab Lead/Administrator will be required to have a working knowledge of network protocols, hardware, and procedures in order to maintain the network and to monitor network traffic.
Hardware Knowledge – Lab Lead/Administrator should have a working knowledge of all network and PC hardware to include servers, desktops, and laptops.
Forensic Tools – Lab Lead/Administrator should have a detailed knowledge of forensic imaging and processing tools to support and troubleshoot these tools without vendor support.
Mentor People – Lab Lead/Administrator should have the ability to guide and mentor more junior lab personnel in learning all aspects of the lab functions.
As a managed security provider, SecureWorks expects its employees to understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53. Employees will be expected to acknowledge their security responsibilities in writing prior to gaining access to company systems. Employees will be required to maintain a working knowledge of local security policies and execute general controls as assigned.
Qualifications
Requirements
-Must possess critical thinking and the ability to solve problems;
-Must possess a strong understanding of Windows operating systems and Windows networking;
-Must possess a strong understanding of Linux operating systems (Primarily Ubuntu and Fedora)
-Lab Manager/Administrator must have a knowledge of VMware services such as ESXi, Workstation, VM Player and vMotion;
-Must be able to coordinate large IT projects, to include, design, architecting, purchase, timing, implementation and project closure;
-Handling evidence for complex computer forensics investigations and providing expert services in data leakage, employee malfeasance, and APT investigations;
-Understanding of compliance and audit requirements for an IT lab environment, e.g. FFIEC, PCI, ISO 27001;
-Must possess excellent written and verbal communication skills;
-Must possess strong interpersonal skills due to client-facing duties;
-Must possess strong analytical capabilities and have a desire to learn new things;
-High energy level, comfortable performing multifaceted projects in conjunction with day-to-day activities; be resourceful and well organized
-Forensics: EnCase, Helix, FTK, Sawmill, X-Ways, SIFT
-Microsoft: 7, Vista, XP, 2003, 2008, 2012, IIS
-*nix: Ubuntu, Fedora, CentOS, Kali
-Other: SFTP, SSH, VPN, RDP, Firewalls, IDS/IPS, BackTrack
-Compliance and Framework Experience
-Sarbanes-Oxley, FFIEC, 27001/2, PCI, NIST 800 Series
-5 years’ experience in the information technology field;
-Bachelor's degree preferred, preferably in computer science or information systems, or equivalent work experience;
-While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial;
-PCI Forensic Investigations and QSA is desired for this position
Preferences
-3+ years of information security experience preferred;
-Technical or professional certifications, such as CISA or CISSP, are a plus