Quantum Tech Staffing is seeking a Security Operations Analyst for a permanent position in Northern VA.
Under the direction of Information Security Management, the position is responsible for operating in a 24x7 Security Operations Center with flexible hours and hand-off processes between two 12-hour shifts. Primary duties include monitoring complex application, network, and management systems. The candidate will assist in the development of technical security recommendations and solutions, participate in troubleshooting, forensic review, and analysis, and facilitate knowledge transfer to junior technical security team members.
• Assess security events to determine impact and implement corrective actions.
• Provide assistance to core security and incident response teams.
• Coordinate and escalate issues to the Cyber Incident Response Team.
• Monitor and assist with web application vulnerability scanning, taking the lead at times.
• Monitor and assist with security log management and monitoring, taking the lead at times.
• Monitor Intrusion Detection and Prevention systems, assisting with operations, maintenance and configurations.
• Assist and sometimes lead enterprise-wide technology risk assessments.
• Assist with System Security Certifications and Compliance audits.
• Respond to security requests from management, application development and production control.
• Support the design, development and management of Information Security databases and informational dashboards.
• Support occasional Administrative and Service account creation.
• Manage Informational shift hand-off of open/current issues through our ticket management system.
• Assist with maintaining the company’s compliance with all applicable federal, state and local laws, regulations and ordinances by abiding by the company compliance program and all policies, procedures, rules and regulations.
• Effective leadership skills conducive to mentoring and knowledge transfer to junior team members.
• Effective analytical, documentation, and communication skills.
• Hands-on experience with IDS & IPS technologies such as NSM, SNORT, etc.
• Hands-on experience with host-based technologies such as McAfee Total Protection.
• 3+ years’ experience in a Windows environment with a clear understanding of Windows event log analysis.
• 3+ years’ experience in a Linux Red Hat environment with a clear understanding of Linux event log analysis.
• Effective understanding of server security practices and tools.
• Effective understanding of Antivirus management and operations.
• Experience with enterprise information security data management tools such as ArcSight, OPNET, Cisco Works, etc.
• Clear understanding of data communications protocols and network traffic analysis.
• Experience with trouble ticketing and change management tools.
Bachelor's degree in computer science or equivalent experience that provides the necessary skills and knowledge to satisfactorily perform the essential job functions.
Five to seven years of security/forensic related experience. Experience in the integration of security control capabilities into complex architectures. Maintaining one or more security-specific certifications is a plus.
Requires ability to work “off hours” to implement solutions in order to limit impact/exposure to customers.
Requires physical ability to mount network hardware in cabinets and run cabling. Physical requirements vary depending on what is being done, but may include lifting floor tiles, lifting boxes, mounting equipment rails, pulling cable, and physical dexterity of the hands to run cables and bolt rails in the cabinets.
Tasks involve the ability to exert moderate, though not constant physical effort, typically involving some combination of climbing and balancing, stooping, kneeling, crouching, and crawling, and which may involve some lifting, carrying, pushing, and/or pulling of objects and materials of moderate weight (weight of the equipment may vary substantially depending on the type of equipment) during the process of installing equipment, replacing components in the equipment, troubleshooting the equipment, and de-installing the equipment.