SOC Incident Response Analyst (MID)

Date posted: November 07, 2017
Job Type: Contract to Hire
Location: Atlanta, GA
Job ID:
• We are in need of an Incident Response Analyst in Atlanta, GA
• The SOC Incident Response Analyst is part of the Security Monitoring and Response team which provides Department-wide 24x7 security, network system monitoring and incident handling.
• Provides technical support in system architecture, system design, system integration and technical management.
• Assists in providing technical input to the systems engineering process.
• Leads teams in developing application and technical plans.
• Guides customers in the installation and use of strategic products through education and guidance, first-use and tuning assistance, problem solving and critical situation resolution.
Qualifications/Education requirements:
• At least 7 years of relevant experience.
• B.A. or B.S. degree in Computer Science, Engineering or a related field or equivalent experience. Five (5) years of direct related experience in related field may be substituted for a Bachelor's degree requirement.
Preferred Skills:
• Perform all tasks required per shift including reporting, monitoring, and turnover
• Assess incident severity and escalate as needed
• Perform additional event/incident investigation and research as needed
• Utilize internal guidelines for effective call processing, escalation and client service
• Interact with network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote
• Monitor and respond to alerts from network devices and work directly with vendors during circuit outages.
Additional Responsibilities:
• An understanding of a wide array of server-grade applications, including Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory and others
Preferred Technical Experience:
• Experience with Microsoft Windows, Linux, UNIX, TCP/IP, IP routing, Internet connectivity and protocols, VPNs, VLANs, NAT and security concepts
• Understanding of basic network services
• Experience with / knowledge of enterprise Security Information and Event Management (SIEM) systems, IDS devices, firewalls and/or antivirus management
• Investigative and analytical problem solving skills
• Understanding of security threat and attack countermeasures
• Experience with / knowledge of a variety of Intrusion Detection/Prevention platforms
• Experience with VPN, SSL and other encryption methodologies/technologies is a plus
Knowledge of/Experience with the following:
• Lancope StealthWatch
• Palo Alto Next-Gen Firewalls
• FireEye MPS
• HP ArcSight
• HP TippingPoint
• Must have strong written and verbal communication skills
• Attention to detail and great organizational skills
• Ability to maintain focus while performing in-depth log analysis
• Ability to think outside the box when investigating events
Clearance: Secret
Duration: Contract to Hire