SOC Team Lead
As the authors of the Data Breach Investigations Report (DBIR) and one of the largest Internet backbones in the world, Verizon knows a thing or two when it comes to Information Security. We have an exciting opportunity for a motivated and customer-focused technical Team Lead of our Security Operations Center.
Responsibilities:
- Monitor notable events on the SIEM platform and perform thorough analysis to determine whether an incident is warranted.
- Provide recommendations to tune existing SIEM use cases.
- Mentor and coach junior security analysts.
- Effectively monitor security incidents as well as make recommendations to improve customer security posture.
- Perform QA functions to ensure quality ticketing practices across the team.
- Attend weekly customer calls to discuss and review current incidents and investigations.
- Pull reports and track metrics to review the SOC's ability to detect and respond to incidents, and to improve false positive rates.
You'll need to have:
- Minimum 5 years direct technical experience in network security threat analysis
- Ability/Experience to mentor and coach junior security analysts
- Experience pulling reports, metrics, and trend analysis
- Effectively monitor security incidents as well as make recommendations to improve customer security posture
- Current experience detecting and responding to security events and incident response
- Perform QA functions to ensure quality ticketing practices across the team
- Demonstration of technical proficiency with:
  - One or more of the following operating systems: Microsoft Windows, Unix, Linux, Sun, Solaris, etc.
  - Strong TCP/IP networking and packet analysis skills
  - One or more of the following analytics tools: Splunk Enterprise Security, ArcSight, QRadar, LogRhythm, AlienVault, Nitro, RSA NetWitness or another commercial SIEM product
- Strong communication skills both written and verbal
- Excellent analytical and problem-solving skills
- Strong interpersonal skills to interact with customers, team members and senior management
Ideally you'll also have:
- Linux or Windows Systems Administration
- Bash, Perl, Python scripting
- Experience with Security Orchestration and Incident Workflow tools such as Swimlane, Phantom Cyber, Archer SecOps or Resilient Systems.
- SANS or other Security industry certifications such as GIAC, GSEC, GCIA, GCIH, GREM, GPEN or OSCP
- Red Team Pen Testing
- Intrusion Detection/Prevention Systems (Snort, Bro, ELK, Sguil, McAfee IPS, Sourcefire)
- Strong System Administration skills including shell scripting, database programming and network administration
- Experience with endpoint protection
- Malware Analysis (FireEye, Cuckoo, etc.)
- Bachelor’s Degree in Computer Science or Software Engineering
We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, regardless of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.