Special / Nordrhein-Westfalen: ArcSight Specialist (m/f) / 30697

Nordrhein-Westfalen - On site
This project is archived and unfortunately no longer active.

Description

Currently we are searching for a candidate who is able to cover the following position:

Project description:
The SOC Level-1 Analyst functions as an intrusion analyst to examine security events for context, appropriateness, and criticality. The Level-1 Analyst also functions as an information security researcher to assist personnel at the parent organization with insight into and understanding of new and emerging information security threats.

Key Operational Activities:
Confirming that all monitoring and activity reports scheduled to run have completed successfully
Daily Operational checklists and tasks such as:
Log analysis and review
Vulnerability management activities
Management reporting
Alert analysis
Adding, modifying and deleting filters
Verifying that escalation follow-up activities have been accomplished
Investigating suspicious security event activity
Maintaining and enforcing adherence to corporate and SOC standards, policies and procedures

Key Job Functions:
The Level-1 Security Analyst must keep the documentation of the SOC up to date. Any new procedures or changes to the existing procedures must be documented as part of the normal job functions of the SOC.
The Level-1 Intrusion Analyst must keep up to date on the latest security information in order to validate the security analysis and identification capabilities of the monitoring technologies.
The Level-1 Intrusion Analyst must have a good understanding of security device vendors' products (primarily firewall, IDS/IPS, router, switch, etc.) with respect to device vulnerabilities or security issues.
The Level-1 Intrusion Analyst must keep current on the published vulnerabilities of enterprise hardware, operating systems, and applications.
The Level-1 Intrusion Analyst participates in log analysis and definition of security filters and rules for implementation within the ArcSight SIEM.
The Level-1 Intrusion Analyst gathers technical information pertaining to new security threats and vulnerability trends.
The Level-1 Intrusion Analyst assists in SOC product evaluations and recommendations.

Key Skills:
Analytical skills
Proven track record of experience in the above-described role in an ArcSight ESM environment
Deep network TCP/IP knowledge and intrusion analyst skills
Preferably SANS certified in Intrusion Detection In-Depth
Proven track record of experience in a Security Operations Centre
Intermediate UNIX knowledge is a requirement, advanced UNIX knowledge is a huge benefit
Basic knowledge of security devices and what job they perform on a network
Ability to learn new technologies quickly so they can be integrated into ArcSight
Experience in different types of IT groups is very helpful

We look forward to receiving your application with a meaningful CV!
Start: 01.09.2010
Duration: 30.11.2011
Type: Contract
From: GECO Deutschland GmbH - A Yoh Company
Posted: 21.07.2010
Contact: Verena Teichmann
Project ID: 160418
Contract type: Freelance