The SAIC Cyber Security Center Support role is responsible for real-time 24/7 monitoring, analysis, and resolution of identified security events. The role performs daily operations utilizing a SIEM and monitors events from multiple sources, including but not limited to firewall logs, system logs (Unix and Windows), network- and host-based intrusion detection systems, applications, databases, and other security information monitoring tools.
Monitor security event systems utilizing security information and event management (SIEM) tools.
Provide initial response and support to intrusion or security breach events
Document all events and tickets in the appropriate systems
Participate in knowledge sharing with other analysts
Be involved in a wide range of security issues, including architectures, firewalls, electronic data traffic, and network access
Review and improve documentation
Attend meetings as needed
Communicate and escalate issues and incidents as required by process or management
Additional responsibilities will include the support of Security Operations Center activities
TYPICAL EDUCATION AND EXPERIENCE:
A moderate understanding of TCP/IP and networking concepts
A moderate understanding of incident response methodologies
Deductive reasoning, critical thinking, problem solving, and prioritization skills
Customer service experience, including the resolution of customer escalations, incident handling, and response
Experience in a fast-paced, high-stress support environment
Ability to follow detailed process and procedure documentation
Demonstrated ability to be reliable and flexible
Solid written and verbal communication and organizational skills
Outstanding work ethic
Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources