Sr. Security Operations Center (SOC) Analyst - Military veterans preferred

2019-01-05
SAIC (www.saic.com)
Full-time employee


Santa Ana
California
92705
United States

Description

JOB DESCRIPTION: This position will be an asset of the 24/7 Security Operations Center (SOC) monitoring and incident detection team. The candidate must have 3 years of professional experience in cybersecurity, information risk management, or information systems risk assessment in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC). Additionally, the candidate must be knowledgeable in vulnerability assessments, intrusion prevention and detection, access control and authorization, policy enforcement, application security, protocol analysis, firewall management, incident response, data loss prevention, encryption, two-factor authentication, web-filtering, and advanced threat protection.

Job Specific Responsibilities:

  • Monitor the networks for malicious activity using Security Incident and Event Management (SIEM) toolsets. This will include responding to and investigating alerts, the development of new security monitoring use cases, and ensuring all investigative activity is properly documented in our ticketing systems and followed up with relevant support teams.
  • Triage issues escalated to the information security team, and ensure that appropriate follow-up actions are taken by the SOC.
  • Take responsibility for adhering to SOC documentation and processes.
  • Take responsibility for monitoring intelligence sources for potential threats and ensure appropriate defensive actions are taken with respect to these.
  • Take responsibility for running vulnerability scans against EROS infrastructure, interpreting the results and following up issues with the relevant support team.
  • Highly motivated individual with a genuine enthusiasm for information security and technology;
  • Willingness to work shifts (including unsociable hours and holidays where these fall into your shift pattern) as part of a 24x7 team.
  • Sound understanding of information security principles and best practices;
  • Good infrastructure and technology experience including demonstrable understanding of security operations;
  • Good communication skills both written and verbal;
  • Good knowledge of security issues inherent in common corporate environments;
  • Ability to prioritize workloads and to know when to seek guidance.

VENDORS/TOOLS/MANAGEMENT SYSTEMS

  • Wireshark
  • LogRhythm
  • ServiceNow
  • Keylight
  • Nessus
  • Microsoft Exchange Online Protection
  • Sourcefire
  • Blue Coat
  • Zscaler
  • McAfee Data Loss Prevention

Qualifications

REQUIRED QUALIFICATIONS & EXPERIENCE

  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity or a related field and five years' experience, with a minimum of three years of experience in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
  • Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
  • Demonstrated experience with Cyber Security Monitoring and Detection, including experience in at least two of the following areas: (a) Vulnerability Assessment; (b) Intrusion Prevention and Detection; (c) Access Control and Authorization; (d) Policy Enforcement; (e) Application Security; (f) Protocol Analysis; (g) Firewall Management; (h) Incident Response; (i) Encryption; (j) Web-filtering; (k) Advanced Threat Protection

KEY REQUIREMENTS

  • Bachelor's degree in a related field and 5 years' experience.
  • 3 years of Information Security experience
  • Information Security Certification such as: Security+, CISSP, CISM, CISA, CEH, GCIH, GCIA, GCFA, GREM
  • Experience monitoring services across multiple platforms
  • Ability to work independently and manage one’s time to meet commitments and expectations
  • Ability to remain organized and adapt to unexpected events, new facts, and rapidly changing circumstances
  • Ability to thrive in a sense-of-urgency environment and leverage best practices
  • Ability to effectively diagnose an issue and recommend a solution
  • Ability to be flexible and focused to deliver products with different priorities and timelines
  • Ability to build and maintain effective relationships with team members, customers, and external groups, as well as working in a collaborative environment

DESIRED QUALIFICATIONS & EXPERIENCE

  • Certified Information Systems Security Professional (CISSP)
  • Experience in Information Assurance Policy and Guidelines
  • NIST Special Publication 800-53
  • NIST Cybersecurity Framework
  • ITIL® Foundation Level or higher Certification