Uni Solutions jobs - Business Development IT Sales

As a Fusion SOC Shift Lead you will support theSecurity Operations Center (SOC) as a lead, performing threat actor-basedinvestigations, recommending detection methodologies, and providing expertsupport to incident response and monitoring functions.

• Act as the main interface point between Service Delivery Managers and SOC service teams
  
• Act as an escalation point and/or SME for all advanced security incident escalations from L1 analysts
  
• Responsible for all SOC shift activities
  
• Perform review and final sign off-of all runbooks and playbooks
  
• Assign and prioritize tasks/tickets to the SOC shift team
  
• Manage ticket queues including escalation of outstanding tickets, tickets requiring updates, and escalation of open tickets where necessary
  
• Provide guidance on process and procedures specific to the clients monitoring environment
  
• Responsible for meeting Service Level Agreement (SLA) requirements
  
• Ensure quality standards are being met by doing ticket audits and reviewing and completing shift turnover logs
  
• Responsible for leading SOC shift handover calls
  
• Provide continuous improvement and on the job training (OJT) for SOC analysts
  
• Manage PTO requests and other schedule issues that impact SOC operations
  
• Coordinate with Cyber Security Engineers to resolve Security information and event management (SIEM) health issues
  
• Coordinate with Service Delivery Managers (SDMs) to enforce specific client requests and provide monitoring updates
  
• Coordinate with SDM to process and complete non-JIRA incidents
  
• Monitor and provide feedback/guidance on incident tickets on trends, patterns and anomalies
  
• Point of escalation for operations/security issues
  
• Ensure quality of FMS SOC service delivery, including policies and Service Level Agreements are met
  
• Assist with analytic investigative support of large scale and complex security incident
  
• Communicate SOC client service delivery issues to SDM and coordinate remediation
  
• Attend client calls as and when needed to assist SDMs with dissemination of security and event information
  
• Familiarity with tools such as: IDS/IPS, DLP, Proxy, WAF, EDR, AV, MVM, Sandboxing, FWs, Threat Intel, Pen Testing, APT
  
• Analysis of network data (e.g., packets, logs) and endpoint data (e.g., logs, malicious artifacts) in both structured and unstructured methods using SIEM and various tools
  
• Review SOC reports and deliverables
  
• Manage security event investigations, partnering with other teams as needed
  

Actively seekself-improvement through continuous learning and pursuing advancement to a SOC Manager

Qualifications

Required:

• Bachelor ofScience with a concentration in computer science, information systems,information security, math, decision sciences, risk management, engineering(mechanical, electrical, industrial) or other business/technology disciplinesor equivalent work experience
• Overall 2+ years working in a SOC and a minimum of 6 months in an L2 analyst or equivalent capacity and/or strong security technology operations experience as a Senior Analyst/ Shift Lead
• CertifiedInformation Systems Security Professional (CISSP),Certification in CertifiedIntrusion Analyst (GIAC),Continuous Monitoring (GMON),Certified EthicalHacker (CEH) or equivalent
• Able to work shifts on a rotating basis for 24/7 operational support
• Experience insecurity technologies such as: Security information and event management(SIEM),IDS/IPS, Data Loss Prevention (DLP),Proxy, Web Application Firewall(WAF),Endpoint detection and response (EDR),Anti-Virus, Sandboxing, network-and host- based firewalls, Threat Intelligence, Penetration Testing, etc.
• Knowledge ofAdvanced Persistent Threats (APT) tactics, technics and procedures
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
• Basic knowledge in system security architecture and security solutions

Preferred:

• Provenability to translate complex information sets into specific recommendationsthat can be actioned by customers to enhance their security posture
• Workingknowledge of threat analysis and enterprise level mitigation strategies
• Workingknowledge of how malicious code operates and how technical vulnerabilities areexploited
• Workingknowledge of operating systems and networking technologies in general
• Workingknowledge of cyber threats, defenses, motivations and techniques
• Excellentinterpersonal and organizational skills
• Excellentoral and written communication skills
• Stronganalytical and problem-solving skills
• Self-motivatedto improve knowledge and skills
• Astrong desire to understand the what as well as the why and the how of securityincidents