Technology Security Officer

The Technology Security Officer is responsible for successfully performing the daily monitoring, investigation, and incident response activities of Enterprise SOC. The Security Office will support a full comprehensive array of analytical activities as part of external threat monitoring, detection, event analysis and incident reporting efforts to include: presentation reviews, internal and external threat reporting, analysis of inbound and outbound public internet traffic, suspicious e-mail messages, administer access request to specific public sites, communicate and coordinate the characterization of events and the response..

Basic Qualifications:

  • Perform real-time monitoring of internal and information technology security equipment (IDS, IPS, HID, firewalls, SYSLOG) and systems to determine operational status and performance making use of various Security Incident and Event Management (SIEM) systems and other related security management/console applications, such as network traffic and data analytics )
  • Analyze both raw and processed security alert and event data to identify potential security incidents, threats, mitigations, and vulnerabilities
  • Support follow-on actions, such as coordinating with other organization teams to facilitate remediation of the alert/event/incident, and close out the investigation.

Desired Skills:

  • Perform initial alert/event/incident triage used for investigation
  • Initiate incident notification, case tracking/management, recovery actions, and report status updates
  • Coordinate process and procedure actions with geographically separated team members
  • Working knowledge of well-known networking protocols, services and operating systems to include but not limited to: TCP/IP, LDAP, Radius, IPSEC, HTTP, HTTPS, SSL, SSH, SFTP, SMTP, PPTP, PPP, SMB, SNMP, RIP, Windows and Linux)
  • Experience scripting in Linux BASH/command line, and Python or PERL.
  • Experience working with Wireshark and Microsoft Office, specifically Word, Excel, PowerPoint, and Visio
  • Facilitate new device adds, perform compliance scans and verify system compliance
  • Provide user training with security compliance tools and administer user accounts
  • Troubleshoot and resolve issues with security compliance tools and dashboards
  • Acknowledges incoming helpdesk tickets and updates users with ticket status in a timely manner
  • Maintains current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation, and documenting all associated procedures, such as specific configurations required.
  • Assured Compliance Assessment Solution (ACAS) based on Tenable vulnerability scanner highly desired
  • Excellent oral and written communication skills
  • Excellent interpersonal and organizational skills with a customer service mindset
  • Excellent critical thinking, analytical, and problem solving skills