CGI Technologies and Solutions, Inc. Tier II Security Operations Center Analyst in Huntsville, Alabama
Tier II Security Operations Center Analyst
City: Huntsville, Alabama, United States
Employment Type: Full Time
CGI Federal is seeking a Security Operations Center Security Specialist to support our Security Operations Center team based out of Huntsville, Alabama.
A Security Specialist needs to attain vast technical expertise, security experience, and business understanding. The duties and responsibilities of the SOC Security Specialist include many aspects of leadership and security knowledge.
Security Specialists are to stay abreast of security trends to provide actionable recommendations, implement these recommendations, and disseminate the information (as needed) to peers and leadership. Examining trends, daily operations, and event data to determine emerging security threats makes it possible to pinpoint areas requiring improvement such as staffing, training, processes, policies or technologies. Security Specialists will also research and apply techniques to centralize processes, automate repetitive tasks, and generate higher productivity from the team; this includes developing focused reporting and briefings for cyber threats.
The Security Specialist has the overall responsibility of providing training, knowledge, guidance, and direction for security awareness mitigations under the team's operational scope. Security Specialists need to have an up-to-date understanding and knowledge of outstanding security issues, detection abilities, mitigation procedures, tools, and monitoring objectives within the SOC's area of responsibility.
In the case of Incident Response, the Security Specialists are responsible for ensuring the proper completion of all incident response activities, primarily high priority, critical, and corporate visibility incidents. Security Specialists ensure the necessary documentation reports are generated and the proper guidance is provided for SOC members to meet SLA and deliverable requirements. Security Specialists need to provide a defined structure to prioritize and escalate issues and to establish proactive, rather than reactive, methods within the security team.
Your future duties and responsibilities:
Understand and maintain the appropriate knowledge of Security Technologies, (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP), security procedures, and services within the SOC as well as ensuring all tools are functioning properly.
Perform post-incident reporting according to standard operations, as well as activities such as identifying what was done right and wrong and identifying tools that may have helped the investigation and those that hindered it. Discuss with the responsible parties what could have been done better.
Is responsible for designing or participating in the implementation of the technical solution/processes in compliance with the security standards and operational feasibility.
Assist in developing and maturing the future services and capabilities of the SOC, such as Forensics, Threat Management, Penetration Assessments, Tool Management, and more.
Ensure that all procedures and operations are carried out by the responsible parties.
Perform incident triage to include determining scope, urgency, and potential impact.
Assist Analysts in monitoring network traffic and security alerts for potential events/incidents, as well as with trending and historical analysis; ensure all incident reports are complete and written within standard operations, and ensure ticket audits and reviews are completed.
Provides support to security operational teams on escalated incidents, including troubleshooting, analysis and resolution. Act as a security representative for SDMs for high priority incidents.
Provides oversight on incident handling to ensure all mitigation techniques are being achieved
Ensure the transfer of knowledge between analyst shifts and leadership to provide an understanding of all updates, assignments, training, and SOC procedures.
Act as an escalation point for event analysis and incident handling. Required to control and manage Critical incidents to ensure all standard operations are taking place.
Develop focused reporting and briefings for advanced cyber threats
Ensure event analysis and incident reports are documented and quality control is applied to ensure accuracy.
Provides the training, time, guidance, direction, and administrative action to ensure that team responsibilities are completed at the best quality level possible.
Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter.
Serve as work area experts for security/information assurance policy recommendations.
Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations
Required qualifications to be successful in this role:
Education or Experience
Minimum of four (4) years of direct experience as a Security Analyst or SOC role within the last eight years, and demonstrated ability to carry out the functions of the job or any combination of education and experience, which would provide an equivalent background
Experience and extensive knowledge of a SIEM and event analysis and information gathering
Experience in leading Security Incident Handling procedures using SANS methodology
Ability and experience in writing clear and concise technical writing specifically in event analysis and incident handling documentation
Experience in Intrusion Detection or Prevention Systems
Experience with the TCP/IP stack, DNS, BGP and metadata.
Knowledge of: TCP/IP, computer networking, routing and switching
Experience in Linux/UNIX and Windows based devices at the System Administrator level
Team player, excellent communication skills, good time management
Organizational skills and the ability to work autonomously with attention to processes
Ability to speak and communicate effectively with peers, management and clients
Ability to speak and write fluently.
SIEM experience with Splunk
Content Management and development for Security technologies (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM)
Security +, Network +, CISSP, CEH, GCIA, GCIH, CISM, SPLUNK Training
Knowledge and Experience of Security practices within an MSS environment.
US Federal Government security clearance (Public Trust), or the ability to become cleared
Experience in training and mentoring colleagues
Due to the government contract, the position requires candidates to be US Citizens with the ability to get a security clearance.
What you can expect from us:
At CGI, we're a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 65,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at www.cgi.com.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary depending upon specific assignment, or upon any US government security clearance if required. Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.
In the US, CGI is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, ancestry, color, sex, religion, age, national origin, citizenship status, disability, protected veteran status, marital status, sexual orientation or perceived sexual orientation, gender identity, familial status, political affiliation, or any other classification protected by state or federal law.
CGI is committed to the principles of equal employment opportunity and to compliance with US laws and regulations. Our US EEO/Affirmative action policy is available at http://documents.njoyn.com/homebase/cgi/AMSDocs/EEOPolicy-Signed2015.pdf.
Applicants have rights under Federal Employment Laws:
EPPA at http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eppac.pdf
FMLA at http://www.dol.gov/whd/regs/compliance/posters/fmlaen.pdf
Consolidated EEO Is The Law at http://www.eeoc.gov/employers/upload/eeocselfprint_poster.pdf
If you need an accommodation in order to complete the application process, see http://documents.njoyn.com/homebase/cgi/AMSDocs/AccommodationNeeded.pdf.
We make it easy to translate military experience and skills! Visit http://cgi-veterans.jobs/ for our site that is dedicated to veterans and transitioning service members.