Description

Key Requirements and Technology Experience:

Security incident handling involves investigating issues to determine if there is a real security incident or a false positive, notifying customers as needed, and sending customers standardized emails specifying the steps they need to take to fix the problems. 
Device and health monitoring involves troubleshooting network connectivity problems concerning managed security devices, often time working with Advanced Support Team engineers and/or vendors/partner technology teams on device replacement/reconfiguration. 
Focus on SLA attainment for your shift by ensuring ticket buckets have been ""scrubbed"" and that issues are followed through until completion or escalation. 
Prepare Shift turnover and Shift Report to ensure continuous smooth continuous workflows between shifts. 
Support USARC Customer Audits. 
Update and Maintain process documents as needed. 
Respond to security threats raised through the correlation and analysis of security events from sources such as firewalls, IDS/IPS devices, packet captures and security logs to include blocking IP addresses at the perimeter firewalls with near real-time response. 
Interpret and explain PCAP data and firewall logs
Work with a USARC customer supporting STIG, POAM, ATO and CTO Certification and remediation plans. Assess network changes for vulnerabilities. Address Incidents/Scenarios dealing with PII, Information Spills and Stolen Assets. Address Insider Threat, Malware and Policy Violations following USARC Policy. 
Special Projects from Management. 
Active technical certifications in the Security field
College degree (two or four year). 
Experience with Sourcefire, Checkpoint, Tripwire, Bluecoat Proxy
Knowledge of ITIL and/or previous work in an ISO operating environment. 
Payload analysis (packet analysis). 
Health/alert monitoring (HM/AM). 
Arcsight. 
Splunk. 
Sourcefire. 
BlueCoat. 
FireEye. 

Education

Any Graduate