Cybersecurity Pcap/intelligence
Role summary
Serve as a technical architect to perform security log and PCAP/intelligence analysis and detect unknown threats, and work to perform analysis of current and future advanced persistent threats.
Role description
The role will be working at a client to perform analysis of current and future advanced persistent threats.
• Experience on advanced persistent threats (APT) based on evaluations of large quantities of information to formulate actionable information to improve the information network security.
• Possess experience with network intelligence gathering, incident analysis, reverse engineering of attacker methods, and analytical analysis of technical and non-technical indicators of intrusion, intelligence analysis supporting computer security.
• Current understanding of the latest software vulnerabilities, virus/malicious code and exploits, firewalls, intrusion detection systems, automated vulnerability scanning tools, or modeling and analysis techniques.
• Excellent analysis and verbal/written communication skills.
• Experience with CI databases, Splunk / ArcSight, VMware, Sentinel, geolocation tools.
• Experience with PCAP analysis and NetFlow analysis.
Role requirements
required skills
cybersecurity
cyber forensics
pcap analysis
wireshark
years of experience
10+ years
Electric Transmission Utility Cyber Security
We are looking for multiple experts who can speak about the cyber security spending habits of electric transmission utilities. We are interested in heads of cyber security within the electric transmission industry.
This is a paid 1-hour phone consult. Kindly respond with a brief answer in the space below:
1. Do you have clear visibility into and an understanding of your utility's electrical transmission cyber security spending habits?
2. Do you know the breakdown of your cybersecurity spending by key metrics such as: total spending, average spending per substation, spending on external managed services providers, spending on internal IT team resources versus spending on external vendors, etc.?
Trends & Preferences Of Managed Cybersecurity Services
Scope: the main objective of this study is to understand the trends and preferences for managed cybersecurity services for “global 2000” companies.
The study intends to understand:
• key managed cyber security services being consumed by large corporations – “global 2000” companies
• key features or capabilities preferred in the managed cyber security services being consumed (for managed detection and response, threat intelligence service, SIEM as a service, threat hunting, vulnerability management, and penetration testing)
• preferred pricing models / price points for managed cyber security services
• estimated distribution of companies (from global 2000) between those undertaking end-to-end cybersecurity transformation, and those undertaking limited/targeted cybersecurity transformation
Focus geography: US, Western Europe (UK, Germany, France)
Business focus:
• managed cybersecurity services (managed detection and response, threat intelligence, SIEM, threat hunting, vulnerability management, penetration testing)
Number of experts: 5
Timeframe: 20th January, 2021
Expert job title(s):
• from managed security service providers (MSSPs) and cybersecurity consulting companies (sample set of people):
- account managers
- sales managers/directors/VPs
- manager (threat intelligence sales)
- cybersecurity sales specialist
- any other relevant/related roles
• from channel partners for MSSPs and consulting companies
- senior manager (corporate sales)
- strategic account manager
- other relevant/related roles
• other independent consultants and experts in managed cybersecurity (especially for “global 2000” companies’ segment)
* We need to include current and former employees from the following companies:
- MSSPs (priority list of companies): FireEye Inc., Secureworks Inc., Red Canary, CrowdStrike, Deepwatch Inc.
- consulting companies (priority list of companies): EY, Deloitte, Accenture, PwC, Mandiant
- can include (second priority) other such MSSPs and consulting companies that provide managed cybersecurity services to "global 2000" companies.
Survey type: telephonic survey
duration: approx. 30-35 minutes
screening questions:
1. Would you be able to share insights (based on the key pointers for discussion mentioned below)?
Key pointers for discussion:
• key managed cyber security services being consumed by large corporations – “global 2000” companies
• key features or capabilities preferred in the cyber security services being consumed (for managed detection and response, threat intelligence service, managed SIEM, threat hunting, vulnerability management, and penetration testing)
• preferred pricing models / price points of the managed cyber security services
• differences in preferences of services, between companies undertaking end-to-end cybersecurity transformation, and those undertaking limited/targeted cybersecurity transformation
Cyber Security Incident
We would like to speak with multiple experts and understand in detail some of their insights and experience from selecting vendors for these panels. The expert must be with a top 15 cyber insurance carrier and must be considered a senior professional in the industry.
More importantly, the expert must be in the leadership position of the cyber insurance division at one of the top 15-20 insurance carriers who are heavily involved in directly selecting or influencing the selection of vendors for incident response services for clients. These pre-approved lists are generally known as "cyber incident response vendor panels".
Discussion points:
A. Most common areas of friction between insurance carriers and incident response vendors
B. What advice would you give a new company looking to join an insurance carrier’s vendor panel?
C. What role do claims managers have in influencing vendor selection?
D. How do you evaluate a vendor’s worthiness for participation on your panel?
   a. What is the process?
   b. How long does the process take to add a new vendor?
   c. What are the key things you are looking for and red flags that you are watching closely?
E. What is the average hourly rate for your incident response vendors on the panel (for services such as: digital forensics, incident response, malware reverse engineering, ransomware recovery, etc.)?
   a. How does a lower hourly rate influence your willingness to work with a vendor?
F. How do you weigh the size of a larger vendor compared to a smaller vendor (i.e. Verizon or CrowdStrike versus a competent and experienced 10 person outfit)?
   a. Do you care about whether the incident response company is using third-party tools and products for the incident versus their own tools?
G. How often do you approve off-panel vendors for the work in one of your claims?
H. Are there certain carriers or law firms that you think everyone else follows with respect to their vendor panel?
   a. Which insurance carriers have the most demanding standards for incident response vendor panels?
   b. Which insurance carriers have the most lenient standards for incident response vendor panels?
I. What law firms do you think do the best job or have the best team with respect to incident response?
This is for a 60-minute paid phone consultation.
To show your relevance in this space, please answer the questions below:
1. Do you presently have a cybersecurity incident response vendor panel?
2. Do you have direct involvement in the selection of vendors on the incident response vendor panel (specifically for digital forensics and ransomware response companies)?
3. Can you provide a detailed understanding of the criteria for selection on the vendor panel?
4. Can you share your opinions of the leading incident response vendors for digital forensics?
5. Can you thoroughly talk about all the discussion points mentioned above?
*Please note that we are only interested in your personal point of view and are not seeking confidential information. This is not a sales solicitation. All the information you provide us is kept strictly confidential. It is used for classification purposes.*