6+Months
Phone and Skype
Reston, VA
Onsite
Job Title- Sr. Security Analyst Lead
Copy of driver’s License required.
- Looking for a 5+ year candidate; keep that in mind when asking about rate, please. (NO FLEX)
Key Responsibilities
- Ensure all threats in the customer environment are detected and notified in a timely manner.
- Ensure customer deliverables are being provided as per agreed service level agreements.
- Understand customer requirements and translate these into service outputs.
- Keep track of scope and scope deviations, scheduled and ad hoc deliverables.
- Work with platform administration function to ensure integration of new devices, ensure health of monitoring infrastructure.
- Ensure threat scenarios and operating procedures are in line with best practices and customer expectations.
- Strong analytical and technical skills in computer network defence operations
- Incident Handling (Detection, Analysis, Triage)
- Hunting (anomalous pattern detection and content management).
- Prior experience of investigating security events.
- Should be able to distinguish incidents from non-incidents.
- Working knowledge of:
  - operating systems
  - network technologies (firewall, proxy, DNS, Netflow)
  - Active Directory
  - network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.)
  - common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
- Identify gaps and proactively fix what is committed vs. delivered:
  - Monitoring in-scope log sources is crucial to SOC operations. The SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources.
  - Ensure that each log source has use cases and hunting models, and that no threat detection aspect is missed.
  - Gap analysis based on customer domain, business applications, technology deployed, etc.
- SPOC: response to client problems/requirements:
  - First response to customer queries and complete ownership until the query is addressed.
  - Log source integration/decommission, etc.
  - Coordinating with other internal units within Atos for timely response to the client.
- Show value/benefits of the delivery (MDR) during MIS/QBR meetings
- Timely closure of operational tasks
- Articulate SOC value add, proactive threat detection, new feature releases, etc. in MIS/QBR meetings.
The candidates should have:
- Minimum 5+ years' total experience, with a minimum of 5+ years in a security operations environment
- Minimum 2 years' experience managing a team of people
- Minimum 2 years' experience in client-facing roles
- Good understanding of SIEM SOC concepts and operations
- Clear technical and operational understanding of areas worked in
- Good verbal & written communication skills
Qualification:
- Engineering graduate – preferably B.E./B.Tech in I.T. or Computer Engineering
- At least one certification preferred – CCNA or CEH