Monday, July 18, 2016

Information Security Operations Analyst

This is a six-month contract position. They're looking for someone who has 1+ years of experience in a security role with a working knowledge of Splunk, and who has experience with or knowledge of SIEM, firewalls, and antivirus. Security certifications are a plus.

1+ years of experience in technical role with notable exposure to security (or have a Technical Degree)
Working knowledge of analyzing events from SPLUNK SIEM.
Ability to work shift work in a 24/7/365 environment
Experience with/knowledge of IT security devices such as: Security Information & Event Management (SIEM) systems, firewalls, and/or antivirus management
Investigative and analytical problem-solving skills

Description:
Understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53. Required to maintain a working knowledge of local security policies and execute general controls as assigned.

Role Overview:
Security Analysts perform real-time log analysis to provide network and data security for clients leveraging log correlation platforms. Analysts staff a 24/7/365 Security Operations Center. Analysts evaluate the type and severity of security events by making use of packet analyses and their in-depth understanding of exploits and vulnerabilities. Analysts resolve client issues by taking the appropriate corrective action or following the appropriate escalation procedures. Analysts work in a team environment and monitor the health and wellness of security devices on our clients' networks. Qualified candidates MUST be flexible for shift work.

Responsibilities:
Respond to inbound phone and electronic requests for technical assistance from customers
Perform all tasks required per shift including reporting, monitoring, and turnover.
Evaluate threats and determine impact to customers' environments
Assess incident severity and escalate to the next level as needed
Perform additional event/incident investigation and research as needed
Utilize internal guidelines for effective call processing and escalation and client service
Interact with network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote
Manage customer accounts and confidently communicate technical information to client base and internal technical team members
Maintain keen understanding of evolving Internet threats to ensure the security of Client networks
Participate in knowledge sharing with other analysts and develop customer solutions efficiently
Coordinate or participate in individual or team projects to ensure quality support for our clients
Perform other essential duties as assigned

Requirements:
Working knowledge of analyzing events from SPLUNK SIEM.
Ability to work shift work in a 24/7/365 environment
1+ years of experience in technical role with notable exposure to security (or have a Technical Degree)
Experience with Microsoft Windows and related security concepts
Experience with network connectivity and protocols such as TCP/IP, VPNs, VLAN, NAT, DHCP
Experience with/knowledge of a variety of Intrusion Detection/Prevention platforms
Experience with/knowledge of IT security devices such as: Security Information & Event Management (SIEM) systems, firewalls, and/or antivirus management
Investigative and analytical problem-solving skills
Understanding of security threats and attack countermeasures
Knowledge of current security events and a demonstrated passion to stay informed

Preferences:
Bachelor's Degree or equivalent in an IT/Technical field or equivalent work experience
1+ years of experience in security role
Coding or scripting experience
Familiarity with Unix/Linux
Security+, GIAC, GCIA, GCIH, GCFW, GHTO, GSEC or similar certification
CISSP, CCNA, CCSP, CSPFA certifications a plus

Adam Berg
adam.berg@experis.com