Position: Security Analyst
The Security Analyst will be responsible for providing expertise in the analysis of a variety of security and network technologies in order to integrate these third-party products with our technology. The candidate will need a working knowledge of categorizing logs and extending the information from these devices to correlate it with potential vulnerabilities. Working within a small team, the successful candidate must have a strong work ethic, the ability to work as part of a team, and the ability to work within a fast-paced and dynamic environment.
Requirements:
• Have experience with a variety of security and network technologies, applications, operating systems, and databases. Knowledge of how all of these devices work and communicate within a networked environment is essential.
• Strong scripting skills
• System and application development experience is a plus
• Understanding of log transport protocols (syslog, SNMP, etc.)
• Bachelor's and/or Master's degree in a related field, or an equivalent combination of education and experience.
Responsibilities:
• Work closely with product management and the integration team to identify, categorize and correlate events from a variety of devices.
• Continuously monitor vendor websites, discussion forums, and technical publications to identify new products and updates.
• Match device events to known vulnerabilities.
• Maintain a collection of sample logs, attributes, documentation and configurations from third party devices and implement a database to share that information with other members of the organization.
• Work with the team to improve the product quality and processes.
• Develop new rules and reports to identify important events within and across networked devices.
Required Skill Set:
• At least 4 years' experience in system administration or the IT security field.
• Experience with Perl and Java
• Experience working within a Linux environment
• Flexible, able to adapt to changing requirements, scope, and schedule.
Please send me an email if you’re interested at andrewsmhay(shift-2)gmail.com.
My friend and colleague Rebecca Herold has graciously invited me to contribute a section on Detective Controls: Effectively Using Logs to her upcoming book, the Encyclopedia of Information Assurance (AUERBACH, ISBN 1420066757). I have humbly accepted and look forward to contributing to what sounds like a fantastic resource for the security community.
Hey All,
I thought I’d drop a quick post to let you know what’s been keeping me occupied (and away from blogging) for the last few weeks:
As many of you know, out of spite, I’ll be taking my CISSP exam on June 28th in Ottawa, Ontario, Canada. This is taking quite a bit of my time so I am very “head-down” trying to jam as much information into my head as possible. Wish me luck!
I’ve also signed on to write the Nokia Firewall, VPN, and IPSO Configuration Guide (Syngress, ISBN 9781597492867). Note to self: don’t agree to author a book when planning for a large exam.
I’ve been trying to get a bunch of CFPs drafted for various fall conferences. It takes a lot of time to produce quality papers that have a chance of being accepted.
My SANS GIAC GCIH Gold paper is due August 22nd, 2008 so I’ve been working on getting all the information I need together to draft a killer paper.
Busy, busy, busy 🙂