Security

Job Description

6+Months

Phone and Skype

Reston, VA

Onsite

Job Title - Sr. Security Analyst Lead

Copy of driver’s License required.

  • Looking for a 5+ year candidate; keep that in mind when asking about rate, please. (NO FLEX)

Key Responsibilities

  • Ensure all threats in the customer environment are detected and notified in a timely manner.
  • Ensure customer deliverables are provided as per the agreed service level agreements.
  • Understand customer requirements and translate them into service outputs.
  • Keep track of scope and scope deviations, and of scheduled and ad hoc deliverables.
  • Work with the platform administration function to ensure integration of new devices and the health of the monitoring infrastructure.
  • Ensure threat scenarios and operating procedures are in line with best practices and customer expectations.
  • Strong analytical and technical skills in computer network defence operations.
  • Incident handling (detection, analysis, triage).
  • Hunting (anomalous pattern detection and content management).
  • Prior experience investigating security events.
  • Should be able to distinguish incidents from non-incidents.
  • Working knowledge of:
    • Operating systems
    • Network technologies (firewall, proxy, DNS, NetFlow)
    • Active Directory
    • Network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS)
    • Common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS)
  • Identify gaps and proactively fix what is committed vs. delivered:
    • Monitoring in-scope log sources is crucial to SOC operations. The SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources.
    • Ensure that each log source has use cases and hunting models, and that no threat detection aspect is missed.
    • Gap analysis based on customer domain, business applications, technology deployed, etc.
  • SPOC: response to client problems/requirements:
    • First response to customer queries and complete ownership until the query is addressed.
    • Log source integration/decommissioning, etc.
    • Coordinating with other internal units within Atos for a timely response to the client.
  • Show the value/benefits of the delivery (MDR) during MIS/QBR meetings:
    • Timely closure of operational tasks.
    • Articulate SOC value add, proactive threat detection, new feature releases, etc. in MIS/QBR meetings.

The candidates should have:

  • Minimum 5+ years' total experience, with a minimum of 5+ years in a security operations environment.
  • Minimum 2 years' experience managing a team of people.
  • Minimum 2 years' experience in client-facing roles.
  • Good understanding of SIEM and SOC concepts and operations.
  • Clear technical and operational understanding of the areas worked in.
  • Good verbal and written communication skills.

Qualification:

  • Engineering graduate – preferably B.E./B.Tech in I.T. or Computer Engineering.
  • At least one certification preferred – CCNA or CEH.