Serve as a Team Lead / Tier 3 level for complex technical and procedural escalations
Provide technical lead support to clients, vendors and coworkers as required
Responsible for development and execution of incident response plans for escalated response processes
Proactively identify indicators of compromise and generate and execute Incident Response Plan upon detection
Provide Incident remediation and prevention documentation
Handle User and Entity Behavior Analytics (UEBA) use cases of potential security incidents and security events in accordance with SOC processes and procedures
Identify and resolve complex issues in customer environments; develop resolution and implementation plans
Work in collaboration with other security and company departments (operations, legal, sales) to help identify / resolve chronic issues and assist with the creation and implementation of corrective / preventative action plans
Research, analyze and identify potential vulnerabilities and security deficiencies
Initiate escalation procedure to counteract potential threats/vulnerabilities
Research and implement customer generated change requests for MSS products
Responsible for operation, maintenance, and monitoring of network hardware and related control software providing a variety of customer services. Observe and control the status and performance of all security components of company products and services
Perform tasks associated with the installation, turn up and maintenance of Lumen security infrastructure and escalation of same
Conduct security training, new hire training and network impact reviews
Coordinate repair and maintenance of security systems with security integrators. Liaise directly with third-party vendors / suppliers
Participate in company-sponsored, job-related activities and training to further develop your management and technical skills
What We Look For in a Candidate
Requirements:
5 - 10 years of professional work experience in Information Security with at least a couple of years of SOC based experience
Experience using commercial and open source software and malware reverse engineering tools
Experience identifying vulnerabilities and modifications to hardware
Demonstrated proficiency exercising a detailed depth and breadth of technical subject knowledge to SME levels
Possible security technology certifications (e.g. CISSP, SANS (GCIA, GCIH, GSEC))
BS/BA degree in Computer Science, Information Technology, or related discipline or equivalent experience
Strong analytical skills to define risk, identify potential threats, document and develop action/mitigation plan
A passion for information security and data security
Knowledge/experience with Operating Systems (e.g. Windows Server, CentOS Linux)
Knowledge/experience of networking and firewalls (e.g. Cisco ASA, Palo Alto, Checkpoint, Juniper, Fortinet, Arbor, Radware)
Working knowledge of Elastic Stack (Elasticsearch, Kibana) and Log Management/SIEM (e.g. Splunk, QRadar, ArcSight)
Programming and scripting skills are a plus (e.g. C++, Bash, Python, Perl, PowerShell)
Foundational knowledge of enterprise anti-virus, IDS, full packet capture and host/network threat analysis
Knowledge of Threat Monitoring Procedures
Experience with securing various environments preferred
Experience working in a SOC and doing incident response is preferred
Strong leader and delegator
Exceptional customer service skills
Detail-oriented individuals who work well in a team environment and have a hunger to learn
Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers, managers and vendors
Must be able to satisfy local government / national background screening.