Posting ID: 7305012
* Candidates should be incident responders and network security monitoring analysts who are comfortable working in a 24x7x365 Security Operations Center (SOC) supporting customers in the Americas region (Canada through South America).
* Analysts will work collaboratively to detect and respond to information security incidents on client networks, and maintain and follow Service Level Agreements (SLAs) for security event alerting.
* The SOC Analyst will perform tasks including monitoring, research, classification, and analysis of security events that occur on client networks.
* Ability to learn and apply all aspects of tool usage in the SOC, and to use alert templates and any other ad hoc tools as part of a flexible and agile team investigating security events.
* The SOC Analyst must be competent to work at a high technical level and be capable of identifying threats and threat vectors that cause security events.
* The SOC Analyst should have familiarity with the principles of network and endpoint security, current threat and attack trends, and have a working knowledge of security principles such as defense in depth.
* Understand the function of SIEM and log analysis, i.e. understand the purpose of the company's proprietary tool suite, which is used to monitor logs of applications, databases, endpoints, firewalls, intrusion detection and prevention systems (IDS/IPS), unified threat management systems (UTMs), web application firewalls (WAFs), file integrity monitoring systems (FIMs) and other network devices.
* Familiarity with tools such as Splunk, MapR, Elasticsearch, Unix, Linux, and other tools/capabilities typically operated in security operations.
* Customer service skills - ability to work directly with clients via telephone. Be an advocate for client requests in order to improve their information security posture.
* CompTIA Network+, Security+, CySA+, Cloud+ certifications are highly desirable
* SANS GSEC, GCIH, and other certifications are highly desirable
* Candidates must be fluent in IP networking in order to be successful in this role
* Previous experience working in an enterprise-class Network Operations Center/Security Operations Center (NOC/SOC) is desirable.
KNOWLEDGE, SKILLS AND ABILITIES:
* Knowledge of information security, networks, network devices and network monitoring tools
* Ability to work well independently and productively with minimal supervision
* Familiarity with IDS/IPS monitoring and analysis, network traffic and log analysis with an enterprise-level SIEM tool, e.g. LogRhythm, Splunk, ArcSight, QRadar, AlienVault, etc.
* Understanding and differentiation of intrusion attempts and false alarms; investigation tracking and threat resolution; composing security alert notifications; advising incident responders and other teams on threats
* Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
* Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information. Assess the impact of potentially malicious traffic on client network and infrastructure.
* Communicates alerts to clients regarding intrusions and compromises to their network infrastructure, applications and operating systems.
* Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
* Relaxed work environment; dress code for SOC analysts includes jeans, shorts, t-shirts, ball caps; no flip-flops/sandals.
* Staff authorized to wear headphones and/or headsets while working.
* Standard watch floor environment, i.e. large monitors for event monitoring
* Every SOC analyst has two large monitors (or more) connected to their workstation
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
Recruiter: Sydney Hardin
Phone: (402) 952-1599