Location: Augusta, GA
Duration: 3 months contract to hire
Schedule: 24x7 Security Operations Center – The first month will be day shift for training. After that, the schedules will be split into 1st, 2nd, and 3rd shifts (the manager provided a draft schedule for us below). ALL of the candidates' shift preferences and availability MUST be listed at the top of the resume (in order of preference; priority on top)
Must have skills:
· SIEM knowledge (preferably LogRhythm, but not required)
· Identity and Access Management knowledge (Preferably Okta, but not required)
· Advanced Endpoint Protection knowledge (Preferably Cylance or Carbon Black)
· Firewall/Networking knowledge (Palo Alto, Cisco, Checkpoint and/or Fortinet)
Overview: To provide high quality security device management and support services to Managed Security Service customers. This can include (but is not limited to) Firewall, IDS/IPS, VPN Concentrator, VM/Scanning Systems and SIEM in either a leveraged or dedicated delivery team model.
Key Job Responsibilities
• Working incidents based on standard service measures.
• Provide technical support to customers across the managed service portfolio.
• Responding to device alerts through in-house proactive alerting system.
• Support customers via on-site, and/or remote phone and email.
• Liaise with vendors to support customer devices and environments.
• Attending technical training to retain skill levels across portfolio.
Qualifications
• Technical certification in at least 1 security or network product set
• 2 years related experience
• An understanding of networking technologies
• Experience in a Support environment
• Experience of working within a team environment
• Excellent customer service skills
• Pro-active attitude to troubleshooting support issues
• Evidence of trouble-shooting skills
• Experience working with packet captures/tcp dumps
• Knowledge of different security platforms available with experience of configuring/managing at least one of the following:
- Checkpoint firewall
- Juniper Netscreen/SRX firewall
- CISCO PIX/ASA firewall
- Bluecoat Proxy
- F5 load balancer
• Knowledge of Checkpoint, F5, Bluecoat, McAfee and Juniper Products
• Familiarity with SIEM, IPS/IDS and VPN Technologies and Authentication Software
• Familiarity with Microsoft and Citrix servers.
• Familiarity with ITSM/ ticketing systems.
The primary function of this role is to participate as a mid-level member of a 24x7 Security Operations Center (SOC) team, delivering the required actions as described within agreed guidelines and following standard procedures to maintain, manage and report on the security event management and infrastructure events of our clients.
* Applying knowledge of a client's security policies and procedures to detect, analyze and prevent both internal and external security breaches using SIEM and other security event monitoring tools
* Research and document appropriate information to support escalations of complex security issues to Senior Analysts or appropriate engineers
* Actively monitor the SIEM/security monitoring tools in order to identify anomalies and other events not automatically detected
* Develop basic SIEM/security monitoring tool event filters
* Lead or assist rule development activities needed to increase detection efficiencies and help in the prevention of malicious attacks
* Provide vulnerability assessment analysis to clients/accounts based on scanning technology output.
* Experience in networking, operational security management and telecommunications;
* At least 4 years' experience in a security analyst/administrator role in a complex environment;
* Extensive knowledge of security products and network topology;
* Extensive knowledge of TCP/IP and other protocols;
* In-depth knowledge of current Internet security attacks and prevention.
* Experience in security analysis tools such as ArcSight, LogRhythm, QRadar, etc.
* Strong knowledge of leading enterprise commercial firewall technologies (certifications preferred);
* Strong knowledge of structured intrusion detection, tracking and analysis using industry leading commercial technologies (certification preferred);
* Specific knowledge of Windows security issues;
* Specific knowledge of Unix security issues;
* Excellent English communication skills, both verbal and written. Other language skills are an advantage;
Preferable Certification: CPT, CEPT, ECSA, GCIH (SANS), GCIA (SANS)
Ray Santos | email@example.com | Sunrise Systems Inc | 105 Fieldcrest Drive Suite 504 Edison, NJ 08837 | (732) 395-4426 | www.sunrisesys.com