Description of Duties
The XXXX GSOC (Global Security Operations Center) is responsible for the information security of XXXX Enterprise and clients. The GSOC provides managed services to prevent and respond to computer security incidents, to comply with various Customer Requirements and with Federal and State privacy and security laws and regulations, and to comply with contracts that include information security requirements. The GSOC Team also leads information security initiatives to protect XXXX confidential information, including intellectual property, as well as research and personal information.
The Security Analyst assists with the coordination of information security activities and collaborates with upper tiers within the GSOC to ensure that information systems are implemented and operating in accordance with a) Customer requirements, b) information security best practices and c) XXXX Policy and Federal and State laws and regulations.
The position requires participation in the shift rotation to support a 24X7 security operations center. This position calls for a high level of integrity, good judgment, knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, and the ability to work as an independent, productive, responsible, self-motivated member of a team in high-pressure situations while maintaining a calm, customer-friendly perspective.
Perform systems and network analysis of intrusions to the network infrastructure, applications, operating systems, firewalls, proxy devices, malware detection and more in a fast-paced environment
Perform in-depth network security analysis and work with the GSOC analyst team conducting preliminary incident response, event analysis and threat intelligence
Monitor information security alerts to respond, triage, and escalate as needed
Perform continual monitoring of the environment in an effort to locate and remediate unauthorized activity
Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives
Provide both strategic analysis and near real-time auditing, investigating, reporting, and remediation, coordinating and tracking of security-related activities for customers
Process intelligence from various information security sources and integrate with protection devices
Perform correlation of events from network, enterprise and host sensors
Support information security projects
Assist in compliance efforts, processing security-related services, change control, security research
Risk analysis, vulnerability testing
Conducting information security systems analysis
Utilizing a variety of information security and computer tools
Function as a member of the information security team
Education and knowledge:
Bachelor's degree in computer science or related field; or equivalent experience (i.e., network security, operating system security, Internet/web security, IDS/IPS, penetration & vulnerability testing)
3+ years of experience in an Information Security role
5+ years of experience in an Information Technology role
Strong knowledge of policies, procedures, audits, and risk management
Computer Crime Laws and Regulations, Investigation Measures and Incident Response
Physical Environmental Security Threats, Vulnerabilities, and Countermeasures
Penetration Testing and vulnerability assessment experience
Demonstrated Technical Skills Desired:
Must be able to manage multiple tasks accurately and efficiently
Experience in information security, ideally in multi-platform environments
Operating systems knowledge and systems administration skills for various versions of UNIX, LINUX, and Windows
Experience with network protocols and packet analysis tools, such as Wireshark
Experience with analyzing security attacks and exploits
Basic understanding of programming concepts and code
Ability to understand and utilize HTTP and similar protocols for analysis and troubleshooting
Access Control Concepts, Methodologies, and Techniques
Cryptography, Key Algorithms, Key Distribution and Key Management
Experience in the evaluation of new technology and security threats as they arise
Familiarity with information security best practices
Demonstrated documentation skills including creation of project metric reports and the creation of communication plans and change control documents
Interpersonal Skills Desired:
Good judgment with an ability to form logical approaches consistent with information security best practices in response to information security events, while providing excellent customer service.
A high level of integrity, excellent judgment and knowledge concerning issues of privacy.
Ability to work as an independent, productive, responsible, self-motivated member of a team.
Excellent oral and written communication skills including the ability to effectively communicate technical concepts, policies, and procedures to individuals with a wide range of expertise and backgrounds.
Ability to work calmly and effectively.
Ability to manage time-sensitive security challenges as they arise, effectively utilizing work and project plans to manage deadlines.
Creativity to recognize and address new threats and security challenges as they arise.
The Information System Security Analyst requires enterprise IT experience in three (3) or more of the following areas: web applications, cloud computing, SaaS models, desktop applications, networking concepts, and fluency in multiple Windows and Linux operating systems; a minimum of two (2) years of experience within a technical security role (i.e., network security, operating system security, Internet/web security, DLP, anti-malware, IDS/IPS, penetration & vulnerability testing), internet security; and the ability to read and understand vulnerability bulletins and security event data from many sources.
Other Preferred Skills or Certifications:
Professional certifications from bodies such as CompTIA Security+, Network+, SANS GSEC, and/or equivalent.
General IT related certifications are also desired.
Data Correlation and Analysis
Critical thinking skills