Monitors network equipment and traffic and proactively hunts for security threats, including insider threats.
Monitors, identifies, manages, tracks, and analyzes events and tunes alerts using SIEM and related security tools such as ACAS, FireEye, HBSS, PaloAlto, SCCM, SCOM, SolarWinds, Splunk, and Tanium for event tracking and correlation, to ensure the integrity and confidentiality of network infrastructure and data.
Identifies and reports potential incidents per standardized processes and procedures. Conducts security systems testing.
Compiles and maintains internal standard operating procedures (SOPs) in accordance with current industry best practices and direction.
Monitors alarm dashboards and mailboxes; manages service requests via phone, email, and web portal; performs remote troubleshooting; dispatches technicians; and escalates to Tier 2/3 technical teams.
Performs testing/triage of equipment supporting network and security operations.
Requires 8 to 10 years of experience with a BS/BA, 6 to 8 years with an MS/MA, or 3 to 5 years with a PhD.