- Futuretech Staffing
- Security Operations Center Analyst
- Security Analysis, Threat, Incident Response, SME, Incident Detection, Analysis, Forensics, EnCase, ArcSight, EnVision, Splunk, Anti-Virus, Malware, Shell Scripting, Perl, Python, ServiceNow, Altiris
- Long Beach, CA
- Pay Rate: $40.00 per hour
- Geina Bongiorno
- (818) 758-0242
The Security Operations Center Analyst will have an exciting opportunity working as an Incident Responder and Threat Analyst within the Computer Incident Response Team. This role reports to the Chief Security Officer and the Director of Security Operations, who is responsible for managing IT security incidents, including incident detection and analysis, forensics, containment, eradication and recovery, post-incident lessons learned, and threat vector analysis. The selected Security Operations Center Analyst will determine the potential impact of specific identified threats; perform system and network log collection and analysis; create and support automated processes for process and workflow integration with ticketing systems; and develop appropriate metrics (key risk and key performance indicators).
This role requires a highly qualified individual who can proactively anticipate and work to resolve problems; is a strong critical thinker who is detail oriented; and can analyze and process large data sets. The candidate should be responsive and inclined towards speed and execution; able to detect underlying, complex patterns and drive root cause analysis; able to work under pressure across multiple roles and hierarchies; highly collaborative, but able to work independently; and innovative, thinking outside the box.
- Manage all levels and aspects of IT security incidents and IT policy violations.
- Management of IT security incidents, including incident detection, analysis and digital forensics, containment, eradication and recovery, and post-incident lessons learned.
- Coordinate all aspects of incident response across multiple stakeholders.
- Perform detailed analysis combining analytical skills with advanced knowledge of IT security and network threats.
- Perform system and network log collection and analysis.
- Create and support automated processes and workflow integration with ticketing systems.
- Develop and maintain incident related metrics. Prepare status reports and executive presentations.
- Proactively ensure that all SIRT team members and other relevant stakeholders are fully aware of, and properly engaged in, incident response activities.
- Demonstrate relationship building, effective communication skills, and quality service in managing incidents.
- Perform proactive all-source research to identify and characterize current and emerging threats, vulnerabilities, and risks.
- Performs threat assessment and provides mitigation recommendations.
- Identifies, evaluates, and catalogs sources of information security-related threat intelligence.
- Designs and develops techniques to detect malicious activity at the user, host, and network levels.
- Identify gaps in security monitoring and detection capabilities.
- Serve as Subject Matter Expert for threat intelligence activities to other groups within the company.
- Develop documentation, reports, data sets, and other work products. Researches and recommends threat monitoring software and tools. Develop metrics, dashboards and data driven presentations that provide insight into emerging threats.
- Demonstrate quality service and accountability in the design, development, and implementation of a threat analysis capability for the company.
- Utilizes analytical and communication skills to identify and develop mitigation strategies for emerging threats.
- Bachelor's degree in computer science or a related field, and/or an equivalent combination of education, certification and experience.
- At least 3 years of demonstrated experience in incident response or a related role requiring confidentiality, timeliness, analysis, prioritization, problem solving, and the ability to work collaboratively and independently.
- Proven ability to lead successful incident response efforts involving multiple stakeholders.
- Certification or extensive experience with one or more of the following technologies:
- Computer Forensics (EnCase)
- Security Incident and Event Management (e.g. ArcSight, Envision, Splunk), Anti-virus/Malware analysis, Log analysis (Envision preferred)
- Internal ticketing system(s) for incident response, and change management (e.g. ServiceNow, Altiris, Footprints)
- Scripting experience (Perl, Python, shell), NetFlow data analysis
- Creative problem solving skills: defines problems, analyzes causes, identifies possible solutions, selects the best solution, and develops action plans.
- Quality service: demonstrated ability to establish and maintain effective relationships with internal and external customers in a manner that consistently meets the organization's expectations for exemplary customer service.
- Leadership: demonstrated experience addressing current issues, responding quickly and effectively in a crisis, determining future priorities, and leading ad hoc or project teams.
- Flexibility / Ability: understanding and accepting the need for change, cooperating in implementation, and constructively voicing concerns and proposing alternatives.
- Recognized security certifications: GCIH, CISSP, GCIA, GCFE, GCFA
- Unix System Administration, Windows, Network Administration, Firewall Administration
Local candidates please. Sorry, we are unable to sponsor or transfer at this time. No third-party submissions; only qualified candidates will receive a response.
Key Words: Security Analysis, Threat, Incidents, Response, SME, Subject Matter Expert, Incident Detection, Analysis, Forensics, EnCase, Containment, Eradication, Recovery, ArcSight, EnVision, Splunk, Anti-Virus, Malware, Log Analysis, Ticket System, ServiceNow, Altiris, Footprints, Perl, Python, Shell, Netflow Analysis