The GSOC (Global Security Operations Center) is responsible for the information security of enterprise and government clients. The GSOC provides managed services to prevent and respond to computer security incidents, to comply with various Customer Requirements, Federal and State privacy, and security laws and regulations and to comply with contracts that include information security requirements. The GSOC Team also leads information security initiatives to protect confidential information, including intellectual property, as well as research and personal information.
The Information System Security Analyst assists with the coordination of information security activities and collaborates with upper tiers within the GSOC to ensure that information systems are implemented and operating in accordance with a) Customer requirements, b) information security best practices and c) Our clients’ Policy and Federal and State laws and regulations.
The position requires participation in the shift rotation to support a 24X7 security operations center.
- Perform systems and network analysis of intrusions to the network infrastructure, applications, operating systems, firewalls, proxy devices, malware detection and more in a fast-paced environment.
- Perform in-depth network security analysis and work with the SOC analyst team conducting preliminary incident response, event analysis and threat intelligence.
- Monitor information security alerts to respond, triage, and escalate as needed.
- Perform continual monitoring of the environment to an effort to locate and remediate unauthorized activity.
- Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives.
- Provide both strategic analysis and near real-time auditing, investigating, reporting, and remediation, coordinating and tracking of security-related activities for customers.
- Administer and Implement security device changes (Anti-Virus, IDS/IPS, HIPS, Encryption, Authentication Management, Web Gateways, Email Gateways, SIEM, etc.).
- Process intelligence from various information security sources and integrate with protection devices.
- Perform correlation of events from network, enterprise and host sensors.
- Assist in compliance efforts, processing security-related services, change control, security research.
- Risk analysis, vulnerability testing.
- Conducting information security systems analysis; vulnerability/security scans.
- Utilizing a variety of information security and computer tools.
- Support information security projects.
- Function as a member of the information security team.
Demonstrated Technical Skills:
- The Information System Security Analyst requires enterprise IT experience in (3) or more of the following areas:
ü Web Applications
ü Cloud Computing
ü SaaS models
ü Desktop applications and demonstrable knowledge of networking (TCP/IP, topology, and security)
ü Fluency in multiple Windows, UNIX and Linux operating systems
ü Ability to read and understand vulnerability bulletins and security event data from many sources
- The Information System Security Analyst requires a Minimum of two (2) years of experience within a technical security role having responsibilities with the following:
ü Network security
ü Operating system security
ü Internet/web security
ü DLP, anti-virus, anti-malware
ü IDS/IPS, penetration & vulnerability testing
ü Security event manager (SIEM)
ü Supporting internet security
- Experience in an information security role or in a position with substantial information security responsibilities.
- Experience with network protocols and packet analysis tools, such as Wireshark.
- Experience writing and modifying security policies and procedures in response to threat incidents.
- The ability to read and understand vulnerability bulletins, and security event data from many sources.
- Experience responding to threat incursions in a call center environment.
- Operating systems knowledge and systems administration skills for various versions of UNIX, LINUX, and Windows.
- Experience with analyzing security attacks and exploits.
- Basic understanding of programming concepts and code.
- Ability to understand and utilize HTTP and similar protocols for analysis and troubleshooting.
- Experience in the evaluation of new technology and security threats as they arise.
- Experience in information security, ideally in multi-platform environments.
- Familiarity with information security best practices.
- Data Correlation and Analysis.
- Incident Response
- Demonstrated documentation skills including creation of project metric reports and the creation of communication plans and change control documents.
- Must be able to manage multiple tasks accurately and efficiently.
Must be able to obtain a government clearance to be considered.
The position requires the ability to work a rotating shift quarterly, and participation in the on-call rotation and other team-shared duties such as telephone coverage.
Interpersonal Skills Desired:
- Good judgment with an ability to form logical approaches consistent with information security best practices in response to information security events, while providing excellent customer service.
- A high level of integrity, excellent judgment and knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, ability to work as an independent, productive, responsible, self-motivated member of a team in high pressure situations while maintaining a calm, customer-friendly perspective.
- Ability to work as an independent, productive, responsible, self-motivated member of a team.
- Excellent oral and written communication skills including the ability to effectively communicate technical concepts, policies, and procedures to individuals with a wide range of expertise and backgrounds.
- Ability to work calmly and effectively.
- Ability to manage time-sensitive security challenges as they arise, effectively utilizing work and project plans to manage deadlines.
- Creativity to recognize and address new threats and security challenges as they arise.
- Innovative Mindset.
- Critical thinking skills.
- Innovative Mindset
- Bachelor’s Degree in Computer Science or equivalent experience.
- Professional certifications from bodies such as SANS/GIAC, ISACA, and ISC2, GSEC, CISA and/or other information security certifications are highly desired.
- General IT related certifications are also desired.
About the company:
Join one of the fastest growing Cyber Security companies in Tampa Bay. Our client is a very family-oriented company known for working collaboratively and independently with their employees and believes in promoting from within.
If this position does not meet all of your requirements, we welcome you to contact us with your resume or review our website, www.prattbrown.com or www.dice.com for other openings. In addition, we have additional opportunities that may not be listed and we would be happy to match your skills with other available jobs. Please e-mail your resume with your salary requirements to firstname.lastname@example.org. We look forward to helping you find a job opportunity that best fits your needs.