Wednesday, April 1, 2015

Security Operations Center (SOC) Manager

We are seeking a Security Operations Center (SOC) Manager with expertise in network security monitoring and incident response for a contract or contract-to-hire position with our Temple, Texas based client. The ideal candidate will be open minded, bring fresh ideas to the SOC team and be ready to protect, defend and respond to information security related events. As a SOC Analyst, you will assist the team responsible for security awareness and enforcement by pulling together information from a variety of systems and normalizing and correlating that information. The SOC provides real-time (or near real-time) detection and reaction services for information security incidents within the Global Payments enterprise.

Responsibilities include, but are not limited to:
• Perform in-depth network security analysis and work with the SOC analyst team conducting incident response, event analysis and threat intelligence for the corporate enterprise
• Provide both strategic analysis and near real-time auditing, analyzing, investigating, reporting, remediation, coordinating and tracking of security-related activities for the corporate enterprise
• Analyze data and prepare reports that document vulnerabilities from network-based attacks and recommend actions to prevent, repair or mitigate these vulnerabilities
• Provide technical mentoring to other team members
• Establish and create standard operating procedures for a variety of computer network defense (CND) related tasks/positions within the team
• Provide technical expertise on post event network security logs and trend analysis
• Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives, and provide results to management
• Perform correlation of events from a variety of network, enterprise and host collection sensors
• Coordinate and liaise with other departments within the company and external auditors with information regarding intrusion events, security incidents, and other threat indications and warnings information
• Demonstrate both technical acumen and critical thinking abilities
• Experience with trouble ticketing and change management tools

Security Operations Center personnel duties include, but are not limited to:
• Coordination and escalation of issues to the Incident Response team
• Provide detection and response to security events and incidents within the Global Payments Enterprise Network
• Web application vulnerability scanning
• Security log management and monitoring
• Intrusion detection and prevention systems operations
• Maintaining information security metrics
• Provide assistance to core security and incident response teams
• Enterprise encryption standards development and support
• Assist with handing out work assignments to junior team members

SOC personnel will be working with enterprise forensic-capable systems, log analysis systems, and network collection systems to facilitate response to incidents at a global scale. You will work with malware, network and incident response analysts to coordinate a best-in-class response to computer-related incidents.

Position Requirements
• Bachelor’s degree in computer science, software engineering or information systems security and three or more years of security operations/security analysis experience; additional relevant work experience would be considered in lieu of a degree
• Industry recognized professional certification (e.g., CISSP, GCIH, GCIA, GIAC) will be required within the first year of employment
• Direct experience in a security operations center, network event analysis, threat analysis, intelligence analysis
• Demonstrate a variety of skills across the Computer Network Defense spectrum
• Past experience with or current understanding of security operations centers and network systems extremely beneficial
• Knowledge/Experience with Envision, NetWitness, DLP, and other RSA security products, Trend Micro, Symantec Netscreen, Checkpoint firewall, Tenable Security Center, BigFix and EnCase Enterprise is desired
Security Requirements
• Applicants must have a standard criminal background check performed

Required Skills
• 3+ years of experience administering and supporting Windows and at least one other OS (Apple or Linux-based OS)
• 1+ years of experience using information security tools in an enterprise environment
• 2+ years of experience working on a computer security team

Desired Skills
• Security log management
• Strong analytical, documentation, and communication skills
• Understanding of IDS & IPS technologies
• Understanding of Windows event log analysis
• Experience with enterprise information security data management tools such as ArcSight or Splunk
• Understanding of network traffic analysis
• Experience with trouble ticketing and change management tools
• Bachelor’s degree in Information Security, Computer Science, Information Technology or related degree
Lance B. Wheeler
Technical Recruiter