Essential Job Functions
Experience in Information Security
Experience in global SOC operations
Hands-on experience on SIEM platforms (QRadar, ArcSight, other SIEM technology)
Threat intelligence and incident management
Prepare reports by collecting, analyzing and summarizing information
Analyze security breaches to determine their root cause
Configuration and operation of security device, authentication management, logging platforms
Identify, troubleshoot and resolve complex network connectivity issues, as well as advise on network security related issues
Understanding of network and endpoint security tools and how they integrate into the SIEM and provide a cohesive view of network incidents and security
Configure backups, verify custom reports, manage log source groups and validate log sources
Maintain and improve our current SIEM solutions in accordance with DXC policies, regulatory requirements and security best practices
Correlate logs from different sources and fine-tune the correlation to decrease the false-positive ratio
Create scripts to automate and minimize manual tasks
Good communication skills
Capability to work in 24/7
Strong understanding of the process
Demonstrates proven thorough abilities and success utilizing the following when producing deliverables for client related to managing Global SOC run and maintain, including the following areas:
Performing as a team member: understanding personal and team roles; contributing to a positive working environment by building strong relationships with team members; proactively seeking guidance, clarification and feedback; providing guidance, clarification and feedback to less experienced staff
Demonstrates proven thorough abilities with leveraging creative thinking and problem-solving skills, individual initiative and utilizing productivity tools
Communicating in an organized and knowledgeable manner in written and verbal formats, including delivering clear requests for information and communicating potential conflicts
Conducting quantitative and qualitative analyses of large and complex data
Contributing to and supporting practice management for a specific operation or process
Identifying and addressing client needs while displaying the ability to contribute to the development of a business vision and manage implementation efforts with complex project management capabilities
Basic Qualifications
Bachelor's degree or equivalent combination of education and experience
Bachelor's degree in computer science or related field preferred
Three or more years of experience in network, host, data and/or application security in multiple operating system environments
Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access lists
Experience working with internet, web, application and network security techniques
Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
Experience working with federal regulations related to information security (FISMA, Computer Security Act, etc.)
Experience working with NIST Special Publications and C&A process methodology
Possess security certifications (CISSP, CCNA, etc.) and/or top secret security clearance
Other Qualifications
Communication skills
Analytical and problem-solving skills to troubleshoot and resolve network operating system security issues
Ability to perform and interpret vulnerability assessments
Ability to administer the operations of a security infrastructure
Ability to balance and prioritize work
Work Environment
Office environment