Friday, October 2, 2015

Security Operations Center Analyst

This position is in our Security Operations Center (SOC) and is responsible for monitoring cyber security activity and the data computing infrastructure, and for detecting and responding to any activity found. Response could include, but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units. This position works with our infrastructure, desktop support, and business unit operational centers to ensure the protection of cyber-related assets.

JOB REQUIREMENTS:
Must be capable of utilizing information security and monitoring tools
Substantial knowledge of IT core infrastructure and cyber security components/devices preferred
Minimum 3 years' experience with TCP/IP networking and knowledge of the OSI model preferred
Minimum 3 years' experience with OS management and network devices preferred
Minimum 3 years' experience with Intrusion Detection/Prevention Systems preferred
Minimum 3 years' experience with antivirus systems preferred
Minimum 3 years' experience monitoring threats via a SIEM console preferred
3+ years performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
Excellent problem solving, critical thinking, and analytical skills; ability to de-construct problems preferred
Strong customer service skills and decision-making skills
Exhibit initiative, follow-up and follow-through with commitments
Ability to support and work in a team environment
Strong documentation and oral communication skills
Ability to manage multiple priorities in a high-pressure environment
Understanding of IT security and the ability to apply risk management principles in all aspects of IT security
Ability to maintain confidentiality of data
Must be able to work shifts, including nights or overnight
A formal education in Computer Science or a related field, or equivalent experience in IT security related roles, is required
Formal IT security/network certification such as CompTIA Security+, Cisco CCNA, or SANS GIAC Certified Intrusion Analyst (GCIA) preferred
Experience with packet analysis (Wireshark) and malware analysis a plus
Experience working in a Security Operations

Responsibilities:
MAJOR JOB RESPONSIBILITIES:
Monitor incoming event queues for potential security incidents
Identify and act on anomalous network activity
Perform hunting for malicious network activity
Perform initial investigation and triage for potential security incidents
Provide accurate and priority-driven analysis on cyber activity/threats
Perform payload analysis of packets
Detonate malware to assist with threat research
Resolve or coordinate the resolution (escalate) of cyber security events
Create, manage, and dispatch incident tickets
Monitor external event sources for security intelligence and actionable incidents
Maintain shift logs with relevant activity
Document investigation results, ensuring relevant details are passed to senior analysts and stakeholders
Participate in root cause analysis or lessons-learned sessions
Write technical articles for knowledge sharing
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit operation centers
Must comply with any regulatory requirements

The Information Security function is responsible for cyber security across the organization as well as the related implementation of appropriate controls for regulations such as SOX, HIPAA, CA1386 and NERC/CIP. The function has direct responsibility for establishing cyber security standards, toolsets and processes and then matrixing them to the delivery, operation. The Security Intelligence and Operations Center (SIOC) group is responsible for ensuring identifies and assesses threats to its network and data, monitors its network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape.

Mayur Tiwari