SOC Analyst for a contract-to-hire role in an enterprise cloud environment, including a proven integrated Security Operations Center (NOC) and infrastructure engineering teams. The SOC supports security management functions for our multi-tenant cloud services offering distributed across multiple data centers/sites. Successful applicants will need to possess the ability to work independently as well as within groups.
Schedule: Shifts will be 12:00 pm - 10:00 pm, Wednesday-Saturday, but must be willing to work 3rd shift if needed.
- Monitors and analyzes resources such as AlienVault; Symantec; data feeds of alerts and logs from firewalls, routers, and other network devices or hosts; and data feeds and/or alerts from Cisco IPS and other host- and network-based IDS/IPS to watch for security violations and determine vulnerabilities
- Conducts initial triage of security events and incidents. Facilitates communication within the SOC and documents progress throughout the Incident Response Lifecycle.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
- Performs Computer Security Incident Response activities for GDIT Cloud; coordinates with other GDIT SOCs and tenant POCs to record and report incidents.
- Communicates alerts to tenant POCs regarding intrusions and compromises of their systems, applications, and operating systems
- Recommends modifications to monitoring tools and identifies opportunities to streamline processes
- Reviews compliance reports and works with engineering staff to document deviations from compliance standards as needed
- Supports enterprise vulnerability scanning, penetration testing, and compliance tools (Nessus, Tripwire, DBProtect, and Acunetix). Services these tools and performs scanning for vulnerabilities and for compliance with hardening guidelines.
- Prepares incident reports of analysis methodology and results
- Provides support for enterprise SIEM implementation.
- Maintains current knowledge of relevant technology as assigned.
- Participates in On-Boarding new Tenants as required.
Preferred Education & Requirements:
- Associate’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
- 3-5 years of directly related experience in workstation/server administration, network support and communications troubleshooting, security alert management, and customer issue resolution and support
- Demonstrated experience with Windows and non-Windows server configuration, administration, and monitoring
- Demonstrated troubleshooting skills in networking and server management
- Experience working in a process-oriented workflow environment; ITIL experience preferred
- Experience working with multi-tiered ticket handling/resolution systems
- Professional verbal and written communication skills required, capable of contributing to Knowledge Management
- Ability to react to dynamic industry and rapid changes in information technology
- Ability to manage multiple priorities in a fast-paced environment
- Experience supporting large enterprise IT environments
- Experience creating, modifying, and following standard procedural documents
- Knowledge of the Cherwell Service Management platform desired
Candidates local to Colorado highly preferred. Must be eligible to interview onsite in Colorado. Must be able to work on a W2 basis without sponsorship for ANY US employer. Third-party applications not accepted.