Managed Security Services Consultant
Location: Denver, CO
100,000 - 200,000
Job Description:
Role Responsibilities
- Understand and interpret portal data, and act as trusted security advisor to the Client
- Vulnerability management/remediation focus: Qualys preferred; Nessus, LAN Guard or eEye.
- Understand Client's culture, security strategies, security goals, security objectives, security capabilities, and security budget
- Assist in developing and maintaining Client asset classification and categorization in the portal
- Assist with change management processes
- Maintain knowledge and attend briefings from the CTU
- Provide information security project management assistance to Client
- Work with Client to assist with technical security escalations
- Keep Client abreast of problem status, set clear expectations, provide timely follow-up to Client, and independently handle challenging Client situations on a daily basis
- Conduct web portal training for Client team members
- Provide reporting to Client personnel on a regular and ad-hoc basis
- Act as initial go-between for Client and the SOC for escalations
- As a managed security provider, the company expects its employees to understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53.
- Employees will be expected to acknowledge their security responsibilities in writing prior to gaining access to company systems.
- Employees will be required to maintain a working knowledge of local security policies and execute general controls as assigned.
Requirements
- Minimum of 5 years of networking and system administration experience
- Minimum of 2 years of experience in one or more of the following security domains: vulnerability management, remediation, SIEM Management, Incident Response, etc.
Preferences
- Bachelor's degree in Information Security, Cyber Intelligence, Computer Science, Management Information Systems, or related discipline desired
- CISSP, CEH, SANS GIAC series and other certifications that demonstrate a commitment to continued professional information security advancement are expected, but not required
- Proficient experience: working in an ITIL environment; working with Trend Micro, ServiceNow, Qualys, and Cisco ASA
- Knowledge of large networks and networking technologies such as VLANs, STP, SDN, and routing
- Proficient: ability to read/translate IDS/IPS, syslog & firewall logs, rules and configuration
- Past experience with security tools such as vulnerability scanners, anti-malware, IDS/IPS, DLP; past experience with a major ticketing system and a SIEM portal and/or reporting system (log front-end) such as Splunk, ArcSight, etc.
- Proficient understanding of syslog, Snare and large/complex logging architectures (i.e. log collection from multiple sites, reliability, redundancy)
- Malware Tool Support: Configure and support malware protection tool or suite of tools
- Firewall and Network Compliance Tool Support: Take full responsibility for the firewall and network compliance tool
- Strong technical report writing skills
- Experience as an Incident Handler in a large organization; Unix/Linux skills
- Previous consulting experience and strong soft skills
- Detailed knowledge of security technologies and trends
- Fundamental understanding of defense in depth strategies