Director of Security Operations overseeing incident response tasks at Gartner. Leading a geographically dispersed team and improving capabilities for detecting and responding to threats.
About the role
- CSOC Analyst T2 responsible for addressing advanced cybersecurity challenges in Security Operations Centers. Leverage expertise for incident response and risk management at Nightwing's mission support services.
Responsibilities
- Identification of Cybersecurity problems which may require mitigating controls.
- Analyze network traffic to identify exploit or intrusion related attempts.
- Recommend detection mechanisms for exploit and or intrusion related attempts.
- Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies.
- Escalate items which require further investigation to other members of the Threat Management team.
- Execute operational processes in support of response efforts to identified security incidents.
- Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements.
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
- Follows strict guidance on reporting requirements.
- Keeps management informed with precise, unvarnished information about security posture and events.
- Promotes standards-based workflow both internally and in coordinating with US-CERT.
- Engages with other internal and external parties to get and share information to improve processes and security posture.
- Supervises and guide team efforts.
- Communicates to CISO leadership.
- Produces design documentation.
- Leads analyzing/investigating reports or anomalies.
Requirements
- Must be eligible to obtain a sensitive clearance – Position of Public Trust.
- Must have 5+ years of relevant work experience.
- Must have experience in: Endpoint Detection and analysis, Sysmon log analysis, IT security, Network traffic analysis.
- Strong working knowledge of: Boolean Logic, TCP/IP Fundamentals, Network Level Exploits, Threat Management, Regular Expressions.
- Knowledge of Control Frameworks and Risk Management techniques.
- Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies.
- Strong understanding of common IDS/IPS architectures and implementations.
- Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection.
- Certifications (one or more desired) DOD 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), Sec+, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, or CCNA.
- U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Benefits
- Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services.
- The ability to obtain and maintain a U.S. government issued security clearance is required.
- Excellent interpersonal and organizational skills.
- Collaborate with cross-functional teams to deliver high-quality security incident resolutions.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Manager for Product Security Ops & Strategy at Salesforce overseeing strategic initiatives and ensuring alignment with security goals. Driving operational excellence and executive communication across teams.
Principal SOC Engineer shaping cyber defense at The Missing Link. Engaging with clients and mentoring engineers in advanced security technologies.
Security Operations Manager responsible for planning and managing security programs at Cox Enterprises. Collaborating with stakeholders and analyzing security vulnerabilities while conducting investigations.
Security Operations Centre Analyst for Paysafe, responding to real - time security alerts and assisting Incident Response in security events. Requires collaboration in a global team environment with various security frameworks.
SOC Analyst focusing on real - time security monitoring and incident response for Atos Group in Bengaluru, ensuring proactive threat detection and effective response to incidents.
Manage global corporate security operations programs at OpenAI, collaborating across teams to enhance security measures. Focus on operational standards and program development for effective security initiatives.
Senior SOC Analyst leading advanced security monitoring and response across various platforms. Collaborating with teams to strengthen security posture and mentor junior analysts.
SOC Analyst developing cybersecurity solutions at Capgemini for leading organizations. Engaging in incident response and security operations in a collaborative environment with global colleagues.
Security Operations Engineer focused on secure coding practices and incident response at LUZA Group. Collaborating with security, engineering, and DevOps teams to reinforce organizational security posture.