SOC Analyst 1

Sorry, this job was removed at 6:25 a.m. (CST) on Wednesday, February 16, 2022

Job Description

Job Summary:

Works within a Security Operations Center (SOC), using prescribed plans and procedures to monitor security systems and using security tools to promote the security of company assets. Assists in implementing, upgrading, or monitoring security measures for the protection of computer networks and information. May ensure appropriate security controls are in place to safeguard digital files and vital electronic infrastructure. May respond to security breaches and viruses.

Job duties:

Some of the focus areas of this hands-on position include:
• Supports Jr Analysts for escalated issues
• Responsible for monitoring, analyzing, and interpreting security/system logs for events, operational irregularities, and potential incidents and escalating issues as appropriate.
• Responsible for administration and operational support of security monitoring and management systems.
• Responsible for utilizing, tuning, and administering security tools such as anti-virus, endpoint protection, SIEM, and other essential security solutions.
• Uses tools utilized in the security program in a way to bring benefit to the program and provide trustworthy information.
• Responsible for discovering sensitive data on the network to ensure proper security controls are utilized to protect such data.
• Responsible for monitoring network traffic and responding to security alerts
• Uses security dashboards to detect anomalous activities
• Responsible for monitoring Cloud infrastructure for security related events
• Responsible for monitoring threat/vulnerability landscape and security advisories.
• Performing periodic internal/external vulnerability scans on inventory of corporate assets to evaluate the security configuration of systems.
• Recommends appropriate measures to remediate vulnerabilities, such as patching.
• Performs periodic port scanning to search for remotely accessible network ports and services that are vulnerable to exploitation and identifying any new unauthorized listening network ports.
• Uses threat hunting security tools and intelligence information to identify and remediate potential security threats.
• Perform research and remain aware of new and emerging threats to ensure newly discovered vulnerabilities are addressed.
• May assist Incident Response team members when the incident response team is active. Incident response tasks may include identification, log and event collection and analysis, communication support, and evidence handling.
• Monitors the SOC email box for alerts and requests to the SOC.
• Assists in performing IT audits, security reviews, IT control mapping, process documentation, control testing, deficiency remediation, gap analysis/assessments, and IT audit preparation.
• Assists in documenting Standard Operating Procedures and System Configuration Standards

Knowledge, Skills & Abilities (KSAs):
• Excellent written and verbal communication skills: Must be able to articulate and persuade with the ability to communicate complex security concepts to a broad range of staff.
• Must be able to read and follow standard operating procedures
• Exceptional analytical and problem solving skills; someone who 'sees' the box differently.
• Functional understanding of IT infrastructure, information security, and compliance controls.
• Solid understanding of information technology and information security, including firewalls, IDS/IPS, VPNs, security event monitoring, and other security systems, with an emphasis on control implementation and risk management
• Knowledge of relevant equipment, policies, and procedures to promote effective local, state, or national security operations for the protection of people, data, property, and institutions.
• Knowledge of the practical application of engineering science and technology. This includes applying principles, techniques, procedures, and equipment to solve technical problems
• Is able to describe the role of computer system components including domain controllers, DNS servers, DHCP, Kerberos and NTP,
• Basic understanding of Cloud environments of IAAS, PAAS and SAAS
• Skills to determine how a system should work and how changes in conditions, operations, and the environment will affect outcomes.
• Ability to explain network OSI model and the role of relevant network devices including
• Is able to explain the role of Well Known Ports
• Skills to identify complex problems and review related information to develop and evaluate options and implement solutions
• Skills to use logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
• The ability to apply general rules to specific problems to produce answers that make sense.
• The ability to combine pieces of information to form general rules or conclusions (includes finding a relationship among seemingly unrelated events).
• The ability to arrange things or actions in a certain order or pattern according to a specific rule or set of rules (e.g., patterns of numbers, letters, words, pictures, mathematical operations).
• The ability to identify or detect a known pattern (a figure, object, word, or sound) that is hidden in other distracting material.
• Create and manage trouble tickets to resolution
• Is able to adapt to conflicting priorities

Required Education/Experience:
• 1-2 years of related work experience in IT Security
• Comfortable with multiple, current operating environments.
• Hands-on experience with various security tools, including SIEMs, Vulnerability Scanners, Threat Intel tools, EDR/AV.
• Experience with SIEM technologies and alert handling.

Preferred Qualifications:
• Security+, CompTIA A+, MTA, or vendor certifications for firewalls, network devices, operating systems, or another recognized security certification are preferred.
• Formal education or degree in Cyber Security, Computer Science or related field with industry certifications or equivalent. Courses in cybersecurity or Cloud services.

Work Environment: Traditional office setting

Travel: Not required with this position

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee.

Other duties, responsibilities and activities may change or be assigned at any time with or without notice.
If you are an active Vivint employee, please apply through Workday by searching "Find Jobs".

More Information on Vivint
Vivint operates in the Hardware industry. The company is located in Provo, UT, Lehi, UT and Boston, MA. Vivint was founded in 1999. It has 10001 total employees. It offers perks and benefits such as Dental insurance, Vision insurance, Health insurance, Life insurance, 401(K) and Company equity.