Security Operation Center Analyst

Illinois - Onsite
This project has been archived and is not accepting more applications.

Description

The client is seeking a network security operations center (SOC) analyst to serve as part of a security operations center team.

Responsibilities include, but are not limited to:
- Perform in-depth network security analysis and work with the SOC analyst team conducting incident response, event analysis and threat intelligence
- In the Oracle IM environment, the SOC analyst will take the security events distributed to them by the client, investigate each event and generate correction tickets as necessary. They need a thorough knowledge of the IM environment and must interface as necessary with various resolver groups to determine the actual issue for ticket generation.

Some examples of the type of events are as follows:
1. Virus outbreak
2. Server compromises
3. Unauthorized scans
4. Unauthorized access
5. Absence of a critical third-party patch
6. Firewall errors
- The mission is risk management through centralized analysis, using combined resources consisting of personnel, dedicated hardware and specialized software. These resources offer continuous event monitoring and risk analysis to detect intrusion and guarantee protection against it.
- SOC work consists of monitoring and analysing all types of system, device, or application events, such as user activity, firewall activity, Intrusion Detection System (IDS) activity, antivirus activity, individual vulnerabilities, etc.
- Provide both strategic analysis and near-real-time auditing, analysing, investigating, reporting, remediation, coordinating and tracking of security-related activities
- Analyze data and prepare reports that document vulnerabilities from network-based attacks and recommend actions to prevent, repair or mitigate these vulnerabilities
- Provide technical mentoring to other team members
- Provide technical expertise on post-event network security logs and trend analysis
- Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives, and provide results to the client
- Perform correlation of events from a variety of network, enterprise and host collection sensors
- Demonstrate both technical acumen and critical thinking abilities

Position Requirements
- Bachelor's degree in computer science, software engineering and information systems security, and three or more years of security operations/intelligence analysis experience
- Industry-recognized professional certification (e.g., CISSP, GCIH, GCIA, GIAC) will be helpful
- Direct experience in security operations center work, network event analysis, threat analysis and intelligence analysis

Start date
Immediate
Duration
6 months +
(extension possible)
From
Generic Network
Published at
29.11.2011
Project ID:
274652
Contract type
Freelance