The #1 Site for Internships and Entry Level Jobs - search all Internships and Entry Level jobs.
Mfz6r76k64ryng4hsmb

Floor Operations Lead Engineer - Network Security

Job Description

Job Title: Floor Operations Lead Engineer - Security

Location: Cary, North Carolina USA 27513

Duration: 06 Months

Description:


'Government Network Security and Operations Center (GNOSC)

Floor Operations Lead Engineer - Security


Your primary responsibility is to ensure GNOSC (Government Network Operations and Security Center) customers receive professional service and prompt response to their needs. You will support the 24x7 Floor Operations / Service Desk function for our managed security service customers - this means initiating and working Incident Management tickets, responding to trouble calls/emails from customers, and ensuring proper work flows/assigning trouble tickets to Specialists and other employees. As Lead, you provide first level security incident handling (60%) - also act as points of escalation for Managed Security Services Specialists (10-20%). Assess changes - Security Analysis and Incident response 50/50


  • Security incident handling involves investigating issues to determine if there is a real security incident or a false positive, notifying customers as needed, and sending customers standardized emails specifying the steps they need to take to fix the problems. You are often the first to see an issue, or the issue may have been escalated from another team/management.
  • Device and health monitoring involves troubleshooting network connectivity problems concerning managed security devices, often time working with Advanced Support Team engineers and/or vendors/partner technology teams on device replacement/reconfiguration.
  • Focus on SLA attainment for your shift by ensuring ticket buckets have been ''scrubbed'' and that issues are followed through until completion or escalation.
  • Prepare Shift turnover and Shift Report to ensure continuous smooth continuous workflows between shifts.
  • Support USARC Customer Audits
  • Update and Maintain process documents as needed
  • Respond to security threats raised through the correlation and analysis of security events from sources such as firewalls, IDS/IPS devices, packet captures and security logs to include blocking IP addresses at the perimeter firewalls with near real-time response.
  • Interpret and explain PCAP data and firewall logs
  • Work with a USARC customer supporting STIG, POAM, ATO and CTO Certification and remediation plans. Assess network changes for vulnerabilities. Address Incidents/Scenarios dealing with PII, Information Spills and Stolen Assets. Address Insider Threat, Malware and Policy Violations following USARC Policy.
  • Roles include performing security analytics of network traffic and providing Incident Response per USAR Guidelines to the entire USAR community utilizing the following:

  1. Payload analysis (packet analysis)
  2. Health/alert monitoring (HM/AM)
  3. Arcsight
  4. Splunk
  5. Sourcefire
  6. BlueCoat
  7. FireEye

  • Special Projects from Management

Minimum Qualifications

Security event analysis; experience dealing with customer service requests; operating under service level agreements. Experience with ArcSight, Splunk, Cisco ASA, JunOS, Fortinet, packet capture/payload analysis. Additional vendor technology experience a plus. 3-5 years' experience in a Security Operations Center.


CompTia Security+ CE Certification or CCNA Security Certification REQUIRED


*** Must eligible to obtain a DOD Secret Level Clearance ***


==? Want to Impress?

  • Active technical certifications in the Security field
  • College degree (two or four year)
  • Experience with Sourcefire, Checkpoint, Tripwire, Bluecoat Proxy
  • Knowledge of ITIL and/or previous work in an ISO operating environment'

Job Requirements

 

Job Snapshot

Location US-NC-Cary, North Carolina USA 27513
Employment Type Full-Time Employee
Pay Type Year
Pay Rate N/A
Store Type Telecommunications
Apply

Company Overview

AIC (part of ACS Group)

Analysts International Corporation (AIC) is an IT services firm fully dedicated to the success and satisfaction of its customers. From IT staffing to project-based solutions, AIC provides a broad range of services designed to help businesses and government agencies drive value, control costs and deliver on the promise of a more efficient and productive enterprise. Learn More

Contact Information

US-NC-Cary, North Carolina USA 27513
AIC
Icon-social-facebookIcon-social-linkedinIcon-social-twitter
Snapshot
AIC (part of ACS Group)
Company:
US-NC-Cary, North Carolina USA 27513
Location:
Full-Time Employee
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
Telecommunications
Store Type:

Job Description

Job Title: Floor Operations Lead Engineer - Security

Location: Cary, North Carolina USA 27513

Duration: 06 Months

Description:


'Government Network Security and Operations Center (GNOSC)

Floor Operations Lead Engineer - Security


Your primary responsibility is to ensure GNOSC (Government Network Operations and Security Center) customers receive professional service and prompt response to their needs. You will support the 24x7 Floor Operations / Service Desk function for our managed security service customers - this means initiating and working Incident Management tickets, responding to trouble calls/emails from customers, and ensuring proper work flows/assigning trouble tickets to Specialists and other employees. As Lead, you provide first level security incident handling (60%) - also act as points of escalation for Managed Security Services Specialists (10-20%). Assess changes - Security Analysis and Incident response 50/50


  • Security incident handling involves investigating issues to determine if there is a real security incident or a false positive, notifying customers as needed, and sending customers standardized emails specifying the steps they need to take to fix the problems. You are often the first to see an issue, or the issue may have been escalated from another team/management.
  • Device and health monitoring involves troubleshooting network connectivity problems concerning managed security devices, often time working with Advanced Support Team engineers and/or vendors/partner technology teams on device replacement/reconfiguration.
  • Focus on SLA attainment for your shift by ensuring ticket buckets have been ''scrubbed'' and that issues are followed through until completion or escalation.
  • Prepare Shift turnover and Shift Report to ensure continuous smooth continuous workflows between shifts.
  • Support USARC Customer Audits
  • Update and Maintain process documents as needed
  • Respond to security threats raised through the correlation and analysis of security events from sources such as firewalls, IDS/IPS devices, packet captures and security logs to include blocking IP addresses at the perimeter firewalls with near real-time response.
  • Interpret and explain PCAP data and firewall logs
  • Work with a USARC customer supporting STIG, POAM, ATO and CTO Certification and remediation plans. Assess network changes for vulnerabilities. Address Incidents/Scenarios dealing with PII, Information Spills and Stolen Assets. Address Insider Threat, Malware and Policy Violations following USARC Policy.
  • Roles include performing security analytics of network traffic and providing Incident Response per USAR Guidelines to the entire USAR community utilizing the following:

  1. Payload analysis (packet analysis)
  2. Health/alert monitoring (HM/AM)
  3. Arcsight
  4. Splunk
  5. Sourcefire
  6. BlueCoat
  7. FireEye

  • Special Projects from Management

Minimum Qualifications

Security event analysis; experience dealing with customer service requests; operating under service level agreements. Experience with ArcSight, Splunk, Cisco ASA, JunOS, Fortinet, packet capture/payload analysis. Additional vendor technology experience a plus. 3-5 years' experience in a Security Operations Center.


CompTia Security+ CE Certification or CCNA Security Certification REQUIRED


*** Must eligible to obtain a DOD Secret Level Clearance ***


==? Want to Impress?

  • Active technical certifications in the Security field
  • College degree (two or four year)
  • Experience with Sourcefire, Checkpoint, Tripwire, Bluecoat Proxy
  • Knowledge of ITIL and/or previous work in an ISO operating environment'

Job Requirements

 
CareerRookie Advice

For your privacy and protection, when applying to a job online: Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.Learn More

By applying to a job using careerrookie.com you are agreeing to comply with and be subject to the workinretail.com Terms and Conditions for use of our website. To use our website, you must agree with theTerms & Conditionsand both meet and comply with their provisions.
Floor Operations Lead Engineer - Network Security Apply now