Monday, October 21, 2013

SOC Analyst- Dearborn MI

The SOC Analyst will be on-site at Customers Dearborn, Michigan location. The SOC Analyst will be will be on a team of three analysts augmenting the customers SOC and CIRT capabilities, working with the customers staff and management.

Responsibilities for the SOC Analyst may include but would not be limited to:

-Assisting in building SOC and CIRT processes, procedures, and training

-Ability to deliver technical training in areas such as incident handling, event analysis and correlation, general SIEM skills, IDS/IPS and log monitoring, threat management, etc.

-Eyes on glass monitoring and resolution of security incidents within established customer Service Level Agreements.

-Performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from Security Information Monitoring tools, network and host based intrusion detection systems, firewall logs, system logs (Unix & Windows), mainframes, midrange, applications and databases.

-Additional responsibilities will include performing documentation review and improvement, attending meetings as needed, serve front line response for troubleshooting low-level engineering issues as needed.

-Collaboration with Line of Business technical teams for issue resolution and mitigation.

-Communicate and escalate issues and incidents as required by process or management.

-Specialize in network and log-centric analysis.

-Use of IDS, IPS, and/or other signature matching technology

Additional Responsibilities

Perform other essential duties as assigned

SOC Analyst Knowledge, Skills, & Abilities :

-3 - 5 years of Information Technology experience with network security technologies, specifically TCP/IP, and related network tools.

-A sound understanding of TCP/IP and networking concepts

-Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management

-Understanding of source code, hex, binary, regular expression, etc.

-Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)

-Experience with QRadar a plus

-Strong deductive reasoning, critical thinking, problem solving, and prioritization skills

-Experience assisting the development and maintenance of tools, procedures, and documentation

-Customer service including the resolution of customer escalations, incident handling, and response

-Experience in a fast paced, high stress, support environment

-Subject matter expert (SME) in one or multiple areas such as Windows, Unix, Midrange, Mainframe, Firewalls, Intrusion Detection, Threat Detection Analysis, or Information Risk Management

-Ability to follow detailed process and procedure documentation

-Ability to present complex solutions and methods to general community

-Demonstrated ability to be reliable and flexible

-Excellent written and verbal communication and organizational skills

-Outstanding work ethic

-Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources

-Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA)

-CISSP or SANS GIAC GCIA certification desired

Position is a SOC Analyst (Security operations center), must have security analysis or incident response experience.

Solid network security experience, logging architecture, IDS/IPS rules and alerts

Strong analytical and critical thinking skills

IBM Qradar experience is strongly desired



News Source


Post a Comment

Copyright © . Search job listings to find a job online in USA - Posts · Comments
Theme Template by BTDesigner · Powered by Blogger