067699-Director Managed Detection and Response Services - REMOTE

Director, Managed Detection and Response, to provide shift leadership and second-tier technical support to the 24x7x365 operation.

*** This position is 100% remote ***

  • Mentoring and oversight of junior analysts; guide their intrusion event investigations
  • Monitoring of security events in various SIEMs, as well as other security feeds, and general purpose communications tools (email, phone, chat, and other communications)
  • Triage incoming security events such as host compromises, DDoS attacks, and network intrusion attempts
  • Perform analysis of threat events and escalate to customers if events warrant additional response action
  • Document event analysis in sufficient detail that the analysis process can be passed to other cyber security personnel. Analysis will be entered into a ticketing system
  • Monitoring of security appliance health, basic troubleshooting of security devices and their network connections, and notification to security engineering as necessary for malfunctioning equipment
  • Ensure procedures are followed
  • Perform basic modifications to firewall settings
  • Ticket review and quality control
  • Resolve incidents/outages if possible
  • Provide 24x7 operational support on a rotating/static shift schedule (including overnight shifts)
  • Documentation skills a must
Desired Skills/Experience:
  • Good understanding of SIEM technologies and software (McAfee ESM, HP ArcSight, Splunk)
  • Familiar with various malware categories, their characteristics, and network-based indicators of compromise
  • Familiar with networking vulnerabilities and exploit methods such as DDoS, XSS attacks, SQL injection and how to recognize attacks in-progress
  • Enterprise-level experience performing incident triage, analysis, response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections
  • Ability to evaluate available information, identify information gaps, and recreate the incident timeline of event activity
  • Ability to correlate and analyze log information, packet captures, security alerts, and artifacts to identify initial entry vectors, network traversal, and scope of malicious activity
  • Intrusion Detection/Intrusion Prevention System (IDS/IPS) familiarity, especially SourceFire and McAfee NSM
  • Operating Systems: Strong understanding of Windows and Unix/Linux high-level operating system functionality
  • Networking: Strong understanding of enterprise-level networks, networking protocols, devices, and architecture
  • Communications: Ability to effectively communicate in a professional environment with executive level and junior people, strong report writing skills.
  • Bachelor's degree in an Information Security or IT-related field
  • CompTIA Network+/Security+
Keywords: Security Operations Center Manager, SOC Supervisor, Security Operations Center Supervisor

Candidates should be flexible and willing to work across this delivery landscape, which includes, but is not limited to, Agile Applications Development, Support and Deployment.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.

Click the following link for more information on your rights as an Applicant - http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law

About Capgemini

A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients' opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2017 global revenues of EUR 12.8 billion (about $14.4 billion USD at 2017 average rate).

Visit us at www.capgemini.com. People matter, results count.
More Information on Capgemini
Capgemini operates in the Information Technology industry. The company is located in Bloomfield, NJ, Jersey City, NJ, New York, NY, Charlotte, NC, Atlanta, GA, Chicago, IL, Dallas, TX and San Francisco, CA. Capgemini was founded in 1967. It has 256603 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability Insurance, Dental Benefits, Vision Benefits, Health Insurance Benefits and Life Insurance.