Seeking Security SOC engineers (3) to provide proactive security events analysis to manage incident response life cycle.
Analyze threat intelligence data for system tuning/verification of latest industry threats.
Provide increased coverage for security incident analysis and response.
Identify high impact data collection for improved detection.
Drive incident response.
Experience in IT networking, application support, desktop support and or server support.
3 years of experience in a technical security role (network security, operating system security, Internet/web security, firewalls, anti-malware, IDS/IPS, penetration and vulnerability testing).
Network monitoring experience (packet/protocol analysis).
Knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/Unix) and web technologies (Internet security).
Ability to read and analyze security event data, including security event logs, firewall logs and syslog.
Experience with web application security, database security.
Strong experience in scripting, operational/process automation, data visualization, data correlation and analysis.
Bachelor's degree.
Level 2 Security SOC Analyst
Monitor security technologies, such as IDS/IPS, syslog, file integrity, vulnerability scanners.
Correlate and analyze events using tools to detect IT security incidents.
Follow operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
Provide 24x7 Operational Support on a rotating shift schedule.
Qualifications: 2-5 years of information security related experience in areas such as security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
2-5 years of experience in one of the following: network operations or engineering; system administration on UNIX, Linux or Windows; TCP/IP knowledge, networking and security product experience.
Technology and product knowledge and experience with firewalls, network IDS, scanners.
Knowledge of SIEM technologies such as ArcSight, RSA enVision, LogLogic, and of common security device functions such as IDS/IPS, network and host-based firewalls, DLP, DAM, etc.
Common network device functions, such as routers, switches, hubs, etc.
Windows operating system tasks, such as installations, services, sharing, navigation, etc.
Protocol analysis experience with tools like Wireshark, OPNET, GigaStor preferred.
Kapsis - 19 months ago