SOC Analyst/Security Engineer Job at RAMPS International Inc., Washington DC

  • RAMPS International Inc.
  • Washington DC

Job Description

Role: SOC Analyst/Security Engineer

Duration: Long term

Location: Washington, D.C.

ESSENTIAL DUTIES

The position's essential duties include the following:

• +/- 5-year experience as a qualified security analyst

• Defines and implements security configurations for threat detection/prevention tools

• Integrates threat, vulnerability, IT and business information to prioritize incident handling and investigation

• Perform analysis for security events as detected by various host and network-based tools

• Drive the remediation efforts for security incidents

• Document/communicate findings (case management) and after-action reports

• Analyze and report on actionable threat intelligence

• Generate reports and create documentation

• Knowledge of system and network architecture and integration – both technical and functional

• Demonstrated experience with performing security policy assessments

• Expert technical knowledge of infrastructure and security operations, vulnerability management, security automation, patch and configuration management (e.g. Nessus, Splunk, etc.)

• Knowledge of Common Network Terminology

• Knowledge of TCP/IP Addressing and Routing

• Supports vulnerability management and identification program and continuous monitoring for certification & accreditation.

• Supports the technical analysis of vulnerability data and recommendations for remediation for OS, Web, Database, Network and others; supporting vulnerability mitigation activities

• Performs the daily engineering operations for security monitoring, and vulnerability scanning

• Basic understanding of defending against attacks using security technologies

• Common Operating System security (Windows and Linux security, at minimum)

• During team meetings, take clear notes, participate and listen attentively

• Create documents on day-to-day procedures and find ways to refine those procedures when needed.

• Communicate with team members in a clear, concise and logical manner when a problem arises. Be able to document the problem with the necessary troubleshooting steps taken to remediate it for future reference.

• Perform Patch and Vulnerability Management tasks as assigned.

• Knowledge of the general principles and tenets of Information Security.

• Demonstrates continuous effort to improve operational performance, streamline work processes and work cooperatively and jointly to provide quality, seamless customer service.

• Perform other administrative and support functions as needed.

REQUIRED SKILLS AND QUALIFICATIONS

• Splunk, Nessus, FireEye, Carbon Black, Proofpoint

• Microsoft Excel, Word, PowerPoint, Access

• Good Communication, Leadership and Problem-Solving Skills

• Understanding and/or configuration of Security Appliances / Technologies:

    o Firewalls

    o Network Intrusion Detection Systems (NIDS)

    o Network Intrusion Prevention Systems (NIPS)

    o Security Event and Incident Management (SEIM)

    o Web Security Appliances (WSA)

• CISSP or CASP (CompTIA Advanced Security Practitioner)

• Security+ CE certification

EDUCATION

Degree in Computer Science, Information Science or related field

SPECIAL SKILLS

Knowledge of Configuration Management tools. Examples: Puppet, Shavlik, SCSM

Knowledge of Network tools such as SolarWinds

Familiarity with any ticketing tool like JIRA, ServiceNow, Remedy, etc.

Please share resume to sridhar @ rampscorp . com
