IntelliDyne, LLC

  • Security Operations Center (SOC) Team Lead

    Location US-VA-Falls Church
    Posted Date 4 weeks ago(4/25/2018 10:08 AM)
    Job ID
    2871
    # Positions
    1
  • Qualifications

     

    Title: Security Operations Center (SOC) Team Lead

    Basic Qualifications & Education:
    •5+ years of information technology experience in systems administration, network administration, or IT engineering.
    •5+ years of experience administering systems security, network security, firewalls, intrusion detection and prevention systems, incident response systems, anti-virus products, and/or other security software and tools.

    • 5+ years working in a large enterprise environment in a senior role.
    • 2-3 years leading a team of 3 or more people.
    • Bachelors degree in related field or 10+ years of full-time information technology experience in lieu of a degree.
      •Excellent interpersonal, interviewing, analytical and problem solving skills to address variable situations.
      •General knowledge of industry security requirements, standards, and best practices.
      •Strong written and verbal communication skills; ability to document processes and write comprehensive security recommendations.
    • Must be a self-starter with ability to lead and develop a team of SOC analysts and network engineers with minimal supervision.
      •Professional attitude, able to to communicate and interact with individuals at all levels across various information technology and business sectors.
      •Strong organizational, project management, and customer service skills. Ability to act in the best interest of the client both within a team and self-directed.

      Required Qualifications:
      •3+ years of experience working with: Security Information Event Management (SIEM), Signature Tuning, Continuous Monitoring, Intrustion Detection/Prevention Systems (IDPS), Network Mapping, Network Traffic Analysis, Intrusion Attempt and Investigations, Log Management Systems, Packet Capture, Endpoint Security Systems, Cyber Forensics, WLAN Monitoring, and/or Threat Modeling.
      •3+ years of experience: Analyzing security data and findings, Conducting Root Cause Analysis, Conducting Security Audits and Documentation, Tuning Security Systems, Developing and Maintaining Incident Response Plans and Procedures, and deploying new security tools in a production environment.
    • Experience with Juniper STRM, McAfee SIEM, QRadar, Encase, Splunk, Elsa, Bro, Security Onion, Wireshark and other security tools.


    Required Certifications:

    • Security+CE

     

    Preferred Certifications:
    •GIAC GSEC, GCIA, GISF, GCED, GCWN, GPPA, GMON, GCUX, GCCC

    • ISC2 CISSP, CCFP, CCSP, SSCP, CSSLP, HCISPP



    Clearance:
    • Secret

    Responsibilities

    Principal Duties and Responsibilities:

      

    • Perform cyber defense activities, evaluate and lead in deploying new security tools.
    • Lead and manage in the training of new monitoring tools and threat mitigation strategies. 
    • Provide communication and feedback on enclave security posture based on client defined needs and requests.
      •Provide information on security posture and threat activities to security management, auditors, and client.
      •Ensure compliance with Communications Tasking Orders (CTO) and Warning Orders (WARNORDS) issued by JTF-GNO and DISA.
      •Lead in identifying, reporting, investigating and responding to security breaches and network incidents.
      •Review and enforce security policy, guidance, and directives.
      •Conduct in-depth continuous monitoring; tuning of security devices and management of alerts.
    • Lead incident response, communicating with stakeholders and conducting investigation activities.
      •Provide reporting metrics to Management to assist with policy and direction.
      •Assist with Certification and accreditation activities (including documentation, scanning, mitigation activities, and identification of false positives).
      •Conduct analysis and provide recommendations on policy, design, and solutions for increasing the security of the enterprise.

      Work Schedule:
      •Full-Time
      •Day Shift*

      *This is an incident response position and therefore may require work beyond normal duty hours to include on-call in emergency situations.

    Overview

    Overview:

     IntelliDyne, LLC is seeking an experienced SOC Lead for our client’s Network Operations. Information Systems Assurance and Security is a paramount concern for Businesses and Organizations across the globe today. The client’s network supports close to 2500 users, including workstations, more than 200 Enterprise Servers, and 250 network devices. We host the client Intranet as well as data and applications critical to the Department of Defense mission ensuring the availability and security of all assets maintained by the Network Operations Center (NOC). To facilitate the mission and meet the Security requirements the SOC Lead will organize and manage the processes and tasks relating to the Security of the Information Systems in the environment and coordinate these efforts with the Information Assurance Officer. The SOC Lead will be a subject matter expert on continuous active monitoring of the network and enterprise system. The SOC Lead will work directly with the NOC Engineering group to assist with configuration and implementation of Security related tools and software as well as Security policy interpretation.

     

    The IntelliDyne Way

    IntelliDyne is a consulting firm that enables better business performance through innovative technology solutions. We manage public sector programs that deliver higher operational efficiency and measurable value to clients. We advise, develop, and execute effective solutions in Cyber Security, Cloud Computing, Application Development and Mobile Computing, Business Process Management, Data Center Consolidation, Enterprise Collaboration and Enterprise Infrastructure Management.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed