Job summary:

Job description:

***  no c2c ***Full time with benefits (https://msysinc.com/benefits/)  or long term hourly contract *** W2 only;  Mostly remote; candidate may be asked to be onsite once in 3 months for few days.

Interview : Skype/Phone.

• This specific Statement of Work is for a Cyber SOC Experienced Analyst to prevent, detect, investigate, and assist in directing remediation to cyber-attacks and threats against organization enterprise applications, networks, and services by investigating indicators of suspicious and malicious activity, and proactively discovering threats to organization. Individual must have at least 7 years’ experience in Security with a MINIMUM of 5 years hands on working with a SIEM creating offenses, alerts and grooming logs. Preference is an individual who has experience leading a CSIRT, CERT, SOC or Investigations team. SIEM preference is QRadar or Azure Sentinel.
  
  This position requires previous security operational center experience - monitoring, investigating, alerting, and reporting security threats. It also requires previous experience in developing SOPs and documentation.
  
  Candidate will be required to explain previous experience in the following:
  - Developing offenses and alerts in SIEM and Incident Response tools
  - Oversight and development of Use Cases, Playbooks/Runbooks, SOP.
  - Impact of their work on improving the security of an organization.
  - Network vulnerability and compliance scanning
  - Review and interpretation of the results thereof
  - Determination of severity and urgency when evaluating risk
  - Working with system owners to determine if and when corrective action will be taken.
  
  You will have a technical role, supporting the SOC Analysts to find the threat actors attempting to attack SCDOR infrastructure. You will need to be a technical and professional leader, someone who enjoys training and mentoring teammates, and a person who can encourage and elevate the team.
  
  Under general supervision, the contractor will serve as an analyst reporting directly to a functional manager. Contractor will be a team member that ensures the stability and integrity of data, and server services through monitoring, maintenance, support, and optimization of all server infrastructure. This individual has 24/7 on-call responsibilities shared with the group. This position can be remote, but we require contractor to report on-site for one week each quarter at vendor’s expense.
  
  DAILY DUTIES / RESPONSIBILITIES:
  The Cyber SOC Experienced Analyst will ensure the effective operations of the SOC through the following:
  
  Technical
  - Proactively search for active intrusions in the SCDOR environment, recognizing potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
  - Work closely with escalation points to close out complex investigation
  - Conducting holistic, investigative analysis and rating the risk associated with observed activity
  - Review investigation escalations from SOC Analysts to ensure accurate analysis and provide advice/mentorship
  - Refine and develop dashboards, queries and reports to continuously improve security situational awareness
  - Maintain SOC documentation, procedures, processes and hardware and software inventory detail
  - Demonstrate a sound understanding of security technologies and their function within a networked environment
  - Adhere to corporate information security guidelines and promote information security among coworkers
  - Develop reports (manual and automated) to support the development, collection, and reporting of Quality Assurance and Performance metrics.
  - Performs other duties and special projects as assigned.
  
  Non-Technical
  - To demonstrate highly technical thinking and knowledge, inspire confidence and credibility within a team
  - Time management on multiple investigations, prioritizing
  - Appetite to develop an understanding of most investigations, cyber threats and computer forensics.
  - Taking control of high pressure situations and the attention to detail to precisely find the source
  - A good team ethos and drive and be a self-starter.
  - The ability to work unsupervised and under pressure
  - Excellent verbal and written communication skills
  - Provide feedback to team regarding product issues, enhancements and new features.
  - Ability to ask pertinent questions of others.
  - Proactively seek to identify, communicate and implement process related improvements.
  - Effectively manage multiple tasks and activities concurrently and able to provide periodic status updates to key stakeholders
  - Collaborate extensively with peers and management to resolve client issues while actively contributing to a growing knowledge network that improves the effectiveness of our team and the information available to our clients.
  - Prioritize numerous issues of varying severity, and effectively manage the resolution of all issues within accepted service levels. This includes ownership of the data entered into the Helpdesk system and appropriately updating both client and appropriate employees of status of all issues on a timely basis.
  - Good customer skills, be attentive to detail, and responsive to customer tickets
  - Performs other duties and special projects as assigned.
  
  REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
  • SECURITY INFORMATION EVENT MANAGEMENT (SIEM) SYSTEMS DEVELOPMENT / CONFIGURATION
  • SIEM CREATION AND TUNING OF OFFENSES, ALERTS
  • SIEM CREATION AND TUNING OF LOG SOURCES
  • INCIDENT MANAGEMENT
  • SOC EXPERIENCE
  • MUST HAVE EXCELLENT (Written and Verbal) COMMUNICATIONS SKILLS
  • THREAT HUNTING
  • ABILITY TO INSTALL AND USE VARIOUS SECURITY TOOLS
  • CYBERSECURITY
  • IT SECURITY
  • SECURITY - KNOWLEDGE IN NETWORKING, DATABASES, SYSTEMS AND WEB OPERATIONS
  • SECURITY INFORMATION ARCHITECTURE
  • INFORMATION SECURITY PRINCIPLES AND PRACTICES
  
  PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
  • Currently employed as a SOC 2 or SOC 3 analyst
  • IRS Safeguard Computer Security Evaluation Matrix (SCSEM)
  • Forensics
  • Experience in projects involving PCI/NIST security implementations and/or audits.
  • Windows Security - Group Policy
  • Wireshark
  • Penetration Testing
  • Tenable Security Center Administration
  • Risk/vulnerability assessments
  • OWASP Top 10 remediation techniques
  
  REQUIRED EDUCATION/CERTIFICATIONS:
  • Seven (7) years of experience in security information technology systems or related area, with a minimum of 5 years utilizing SIEM technology.
  
  PREFERRED EDUCATION/CERTIFICATIONS:
  .Preferred Industry Certifications in field.
  - GCIH, GCTI, GCCC, GCWN, GSEC, CEH, GCIA, GCFA, GCFE, GREM, CCIM, CFCE, CCE, CIFI, CHFI, CCNA, CCNA Cyber Ops
  - IBM Certified Associate Analyst - Security QRadar SIEM

Contact the recruiter working on this position:

The recruiter working on this position is Raghu
His/her contact number is +(1) ()
His/her contact email is raghu@msysinc.com

Our recruiters will be more than happy to help you to get this contract.