Infra Security OPS Analyst
Ref No.: 17-08180
Location: Phoenix, Arizona
Mandatory skill:
Exposure to log monitoring, analysis and compliance.

Preferred skill:
Log monitoring, PCI compliance and incident analysis

Job responsibility:
a. Specifics TBD until assessments and audits are complete
b. Fill specific gaps to achieve SOC 2 P2 compliance – based on Baker Tilly's P1 audit and GRC's
c. Fill specific gaps to achieve PCI compliance – based on MegaPlan's assessments
d. Policy writing/updating
e. Daily monitoring of RSA logs – mitigate issues
f. Daily monitoring of Cisco logs using SolarWinds/Syslog – mitigate issues
g. Daily monitoring of server logs using SolarWinds – mitigate issues
h. Daily monitoring of FIM logs – mitigate issues
i. Monitor SecureWorks as alerts come in – mitigate issues
j. Quarterly monitoring of the wireless system – mitigate rogue devices
k. Monthly monitoring of systems not commonly affected by malicious software – work with engineers to patch and mitigate as needed (routers/switches)
l. Monitor Cisco patching – work with the network engineer to patch as needed
m. Maintain PCI compliance documents
n. Implement and Maintain Risk Assessment process
o. Maintain the process to identify security vulnerabilities and assign risk levels
p. IO access SOC annual review
q. ARM, ARMCDE, The Client, Oorcm termed employee access review
r. Quarterly implementation and review of Qualys scans
s. Quarterly review of Nessus scans
t. Review vendor websites, industry news groups, mailing lists, or RSS feeds for vulnerabilities, classify them as High, Medium or Low, and send them to the proper teams for remediation
u. Monthly checks of the Azure monitoring system, Google Analytics and Windows patching will be performed. Alerts from the Azure monitoring system will receive an immediate response for remediation.