25 Oct
Security Operations Analyst - Remote
Vacancy expired!
Capgemini Government Solutions (CGS) LLC is seeking a highly motivated Security Operations Analyst to join our Aerospace team in Indianapolis, IN to support our government clients. The successful applicant will work closely with our clients to provide technical support in information security response and security monitoring, and will support audit/compliance activities. The successful applicant will have the opportunity to apply and grow their skill set, work with a motivated and entrepreneurial team, engage with a wide range of stakeholders, and build CGS capabilities to serve our clients.
Job Responsibilities
As a Security Operations Analyst, you will:
- Work as part of a team of Information Security professionals supporting a global enterprise.
- Perform daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from Security Information Event Monitoring tools, network, and host-based intrusion detection systems, firewall logs, and system.
- Communicate and escalate issues and incidents as required by process or management.
- Contribute to the design and implementation of Security Event Analysis and Incident Management processes and procedures.
- Create incident response reports and documentation as required to communicate findings, outcomes and lessons learned.
- U.S. Citizenship is required.
- Eligible to obtain and maintain a Government Security Clearance (DoD Secret).
- 2-5 years of experience working in a SOC environment or as a Security Analyst.
- Experience supporting a large global enterprise environment.
- Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management.
- Proficient knowledge and understanding of IP protocols and ports.
- An understanding of incident response methodologies and technologies.
- Familiar with key security models and regulations such as ISO 2700X, SOX and PCI.
- Customer service including the resolution of customer escalations, incident handling, and response.
- Programming and/or scripting language experience (C, .NET, Python, Perl, etc).
- Technical certifications considered an asset are: CISSP, GCIH, GCIA, GCFA, GPEN, GCCF, CISA, CWSP, CCSP, CCNP, MSCE, or other relevant certification in vulnerability analysis, ethical hacking techniques or penetration testing.
- Experience with vulnerability assessment platforms and manual validation.
- Experience in the areas of change control, problem management, incident management and troubleshooting of security solutions.
- Technical proficiency in at least one enterprise SIEM platform (e.g. ArcSight, Envision, Q1 Radar, Nitro Security), and at least one enterprise Network Intrusion Detection System (e.g. HP Tipping Point, Sourcefire, McAfee).