Security Operation Center Analyst
Security Operation Center Analyst Responsibilities:
The Information Security Engineer is responsible for deployment and administration of MegaplanIT’s enterprise security solutions (SIEM, firewall, antivirus, etc.) that we manage for our clients as part of our MSSP practice.
The MegaplanIT Security Engineer deploys and maintains security tools within our clients’ environments.
• Deploy, maintain and troubleshoot SIEMs, firewalls, antivirus, and other security products within our clients’ environments.
• Perform network security monitoring/management and incident response for large client organizations
• Coordinate with client IT departments to maintain solutions that MegaplanIT deploys and monitors.
• Work with our 24/7 SOC to remedy issues within client environments
• TCP/IP networking (IP addressing, DNS, Routing, Switching, Ports and Protocols)
• Unix / Linux operating systems
• Vulnerability management
• Hardware deployment
• Network Security Devices (IDS/IPS, NGFW, WAF, NGAV)
• Scanning technologies
• Current events in Cyber Security and associated patching and remediation efforts
• Experience with OSSEC, Snort, and Suricata
• Experience with at least one SIEM, e.g. AlienVault, LogRhythm, Splunk, QRadar, and with firewalls such as Fortinet, SonicWall, and Palo Alto.
• Knowledge of creating Security Information and Event Management (SIEM) policy rulesets.
• Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
• Consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indications and warnings of impending attacks against unclassified and classified networks.
• Interface with a variety of customers in a polite, positive, and professional manner.
• Take responsibility for customer satisfaction and overall success of managed services.
• Respond in a timely manner (within documented SLA) to support tickets.
• Be available, ready, and able to promptly handle incoming support calls in support of our contractual customer SLAs.
• Communicate alerts to organizations regarding intrusions and compromises to their network infrastructure, applications and operating systems. Assist with implementation of countermeasures or mitigating controls.
• Prepare briefings and reports of analysis methodology and results.
• Adhere to policies, procedures, and security practices.
• Resolve problems independently and follow documented escalation procedures.
• Recommend changes to Standard Operating Procedures and other similar documentation.
A preferential candidate will also have:
• Ability to work as part of sales team to formulate account strategies.
• Experience with building strong relationships throughout the sales cycle with our customer’s technical staff.
• Ability to articulate product positioning and competitive differentiation to both business and technical users.
• Experience with responding to functional and technical elements of RFIs/RFPs.
• Excellent verbal, written and presentation skills.
Must be lawfully permitted to work in the United States without sponsorship.
The information outlining the job duties and responsibilities is a general overview and may be subject to change.
Job Type: Full-time