What are the responsibilities and job description for the SOC Analyst/Security Engineer position at RAMPS International Inc.?
Job Details
Job Description
Role: SOC Analyst/Security Engineer
Duration: Long term
Location: Washington, D.C.
ESSENTIAL DUTIES
The position's essential duties include the following:
5 years' experience as a qualified security analyst
Defines and implements security configurations for threat detection/prevention tools
Integrates threat, vulnerability, IT and business context to prioritize incident handling and investigation
Performs analysis of security events detected by various host- and network-based tools
Drive the remediation efforts for security incidents
Document/communicate findings (case management) and after-action reports
Analyze and report on actionable threat intelligence
Generate reports and create documentation
Knowledge of system and network architecture and integration both technical and functional
Demonstrated experience with performing security policy assessments
Expert technical knowledge of infrastructure and security operations, vulnerability management, security automation, and patch and configuration management (e.g. Nessus, Splunk)
Knowledge of common network terminology
Knowledge of TCP/IP addressing and routing
Supports vulnerability management and identification program and continuous monitoring for certification & accreditation.
Supports the technical analysis of vulnerability data and recommendations for remediation for OS, Web, Database, Network and others; supporting vulnerability mitigation activities
Performs the daily engineering operations for security monitoring and vulnerability scanning
Basic understanding of defending against attacks using security technologies
Common operating system security (Windows and Linux, at minimum)
During team meetings, take clear notes, participate and listen attentively
Creates documentation for day-to-day procedures and finds ways to refine those procedures when needed.
Communicates problems to team members in a clear, concise and logical manner as they arise, and documents each problem together with the troubleshooting steps taken to remediate it for future reference.
Perform Patch and Vulnerability Management tasks as assigned.
Knowledge of the general principles and tenets of Information Security.
Demonstrates continuous effort to improve operational performance, streamline work processes and work cooperatively and jointly to provide quality, seamless customer service.
Perform other administrative and support functions as needed.
REQUIRED SKILLS AND QUALIFICATIONS
Splunk, Nessus, FireEye, Carbon Black, Proofpoint
Microsoft Excel, Word, PowerPoint, Access
Good Communication, Leadership and Problem-Solving Skills
Understanding and/or configuration of Security Appliances / Technologies:
o Firewalls
o Network Intrusion Detection Systems (NIDS)
o Network Intrusion Prevention Systems (NIPS)
o Security Information and Event Management (SIEM)
o Web Security Appliances (WSA)
CISSP or CASP (CompTIA Advanced Security Practitioner)
CompTIA Security+ CE certification
EDUCATION
Degree in Computer Science, Information Science or related field
SPECIAL SKILLS
Knowledge of configuration management tools, e.g. Puppet, Shavlik, SCSM
Knowledge of network monitoring tools such as SolarWinds
Familiarity with any ticketing tool like JIRA, ServiceNow, Remedy, etc.
Please share resume to sridhar @ rampscorp . com