Fruit of the Loom
Security Operations Center Analyst
Department: IT Security
Salary perks: 10%-15% bonus
The SOC analyst is responsible for identifying high-visibility security events and working with management and technical IT and Security staff to contain and mitigate issues. The SOC analyst works primarily with our Security Information and Event Management platform to identify anomalies, malware, exploit attempts and other attacks on FOTL’s network infrastructure and data. The SOC analyst's job is to protect FOTL’s information by watching for malicious attacks against the devices that provide the confidentiality, integrity and availability of our critical information.
The SOC analyst delivers pertinent, timely and actionable security incidents to IT Management and technical staff. The analyst works with the technical security team providing feedback from the SOC and develops new correlation policies/rules. Information fed back includes threats seen and what needs to be seen across the infrastructure. The SOC analyst is a skilled security professional who has experience in identifying, documenting, mitigating and consulting on today's security threat landscape.
• Security event detection and analysis - Identify and isolate anomalous security events to determine if they are an attack against our network environment. Work with IT Technical staff and IT Management to contain and eradicate the issue.
• Technical counter-measures - Works with the Security Architect, IT Management and IT Technical staff to determine where technology failed and assists the architect and other IT members in developing new technical security counter-measures to protect FOTL assets and the network environment.
• Event correlation - Writes security event detection rules to ensure the Security Information and Event Management (SIEM) detection capabilities stay current with the latest trends in security attack vectors and malware.
• Research - Researches the latest security threats, malware, and attacks to determine their impact on the FOTL environment.
• Additional SOC Tasks as Required
• 3-5 years of Information Technology experience with network technologies, specifically TCP/IP, and related network tools and concepts.
• Knowledge of scripting language and ability to automate things as necessary.
• Demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management.
• Ability to understand hex & binary and perform packet analysis on
• Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs).
• Subject matter expert (SME) in one or multiple areas such as Windows, Unix, Firewalls, Intrusion Detection, Threat Detection Analysis, or Information Risk Management.
• Bachelor's Degree is preferred.
• Experience identifying, documenting, mitigating, and consulting on enterprise security threats.
• Experience in ArcSight, LogRhythm, or a proprietary SIEM.
• Clear and concise written and oral communication skills.
• Proactive in following up on issues.
• Preferred security certifications: CEH, GCIA, CISSP.