SOC Analyst (SIEM IDS Incident Response) - REMOTE
- Responsible for working in a 24x7 Security Operation Center (SOC) environment.
- Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities, malware, and other threats that have the potential to impact the organization. Document threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
- Ability to understand and correlate data from multiple sources, not limited to user authentication events, windows security event logs, syslog, NetFlow data, DHCP logs, DNS logs, intrusion detections alerts, proxy logs, packet captures, and firewall events.
- Triage and validate security alerts and escalate incidents, as required.
- Troubleshoot system misconfigurations and recommend best practices for remediation
- Take initiative in evaluating, proposing, and deploying various detection capabilities.
- Integrate and share information with other analysts and other teams.
- Deliver status reports, briefings, recommendations, and findings to management as required.
- Strong verbal and written communication skills, fluent in English.
- Bachelor’s degree from an accredited institution in Computer Science, Information Technology or a related discipline, or equivalent experience/combined education, with some relevant working experience and specialized training that is commensurate with the assignment.
- 2+ years' experience Performing cyber security analyst duties in a SOC environment including root cause analysis.
- Knowledge of various security methodologies and processes, and technical security solutions (firewall, proxy, intrusion detection systems).
- Solid Understanding of TCP/IP, the OSI Model, and underlying Protocols.
- Experience with Security Information and Event Management (SIEM) tools. Splunk and Arcsight experience would be a plus.
- Candidate must be eligible to obtain National Security Clearance.
- Splunk searching and/or regular expression creation experience to support dynamic security event analysis.
- Scripting language skills in Python or PowerShell are preferred
- Must have Information Security Certifications commensurate with experience, i.e. GCIH, SEC+, Network+, GCIA, GSEC.
Keywords: Security Operations Center Analyst Cyber Security Analyst Cybersecurity Analyst Incident Response Analyst
Candidates should be flexible / willing to work across this delivery landscape which includes and not limited to Agile Applications Development, Support and Deployment.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.
Click the following link for more information on your rights as an Applicant - http://www.capgemini.com/resources/equal-employment-opportunity-is-the-lawAbout Capgemini
A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2017 global revenues of EUR 12.8 billion (about $14.4 billion USD at 2017 average rate).
Visit us at www.capgemini.com. People matter, results count.
CIS US CORE