Security Analyst (CSOC)

** ONLY GREEN CARD holders and US CITIZENS are encouraged to apply**

Job Title: CSOC Analyst / CSOC Consultant / CSOC Lead (Security Analyst)

Job Duration: 4 months (Contract to Hire)

Job Location: Little Rock, AR || The Woodlands, TX

  • The CSOC Analyst provides initial alert identification, analysis, and documentation using SIEM, antivirus, and other security alerts. They continue to support the TCIRT during an incident by providing additional alert information that may correlate with the incident under investigation.
  • The CSOC Analyst is a technical position that requires working experience with Security Information and Event Management (SIEM) technologies. Upon suspicious alert detection, the CSOC Analyst must be able to verify alert details, identify and gather appropriate alert details, and follow incident playbooks to take additional triage steps as necessary. This position will also work closely with the CSOC Lead and other members of the Entergy Information Security team.
  • The CSOC Analyst will perform the technical operation of the Consolidated Security Operations Center (CSOC), including all facilities, tools, processes and procedures, in order to provide effective execution of 24x7 monitoring operations for both physical and cyber security.

Primary Duties & Areas of Responsibility

  • Perform 24x7 monitoring to detect suspicious, unusual, or malicious activity and escalate it to the proper personnel through proper channels
  • Status monitoring and event detection (24x7 eyes on glass) of physical and cyber monitoring systems including SIEM, AV, IPS, DLP, card access and video analytics
  • Manage escalation to next tier level including to Incident Response, Security Operations, Corporate Security, and outsourcing providers
  • Recommend enhancements and tuning for the security event and information management technologies
  • Proactively detect and 'hunt' for network and end-point anomalies throughout the IT environment
  • Coordinate with 3rd-party vendors for field equipment repair such as card readers and door locks/contacts
  • Coordinate alternative security measures with field support, Corporate Security, and 3rd-party security contractors
  • Monitor privileged account usage and detect unauthorized changes, with close watch on vendor and administrative accounts
  • Maintain contact and communications with business unit personnel (Transmission, Fossil, SPO, Corporate Security) regarding the detection of security events (physical and cyber)
  • Monitor personnel's adherence to CIP physical security policies and procedures via video surveillance
  • Monitor physical security systems including access control systems, digital video surveillance systems, CCTV, building security, building automation, and physical intrusion detection systems
  • Tier 1 support for system issues such as device failure, application failure, etc.

QUALIFICATIONS:

  • Must be a US Citizen or Green Card holder
  • 3+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance
  • 3+ years of physical security consulting experience or relevant equivalent in a corporate environment
  • Good understanding of Security Information and Event Management concepts and hands-on experience with industry standard products
  • Experience operating SOC solutions (e.g. Splunk, HP ArcSight, RSA enVision, McAfee Nitro, AlienVault, Q1 Labs, etc.)
  • Basic level of expertise in UNIX, Linux, and Windows operating systems
  • Complete understanding of TCP/IP, HTTP, HTTPS, and SSL protocols
  • Hands-on experience with port scanning and vulnerability scanning techniques
  • Exploit and detection analysis skills, including ability to analyze logs for useful information and patterns
  • Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring
  • Good understanding of and experience with Infrastructure Security, Risk Assessment and Security Information and Event Management
  • Good understanding of frameworks such as ISO 27001/27002 and COBIT, and of other relevant compliance regimes such as PCI, HIPAA, SOX, FISMA, and others that drive Security Information and Event Management requirements
  • Experience with conducting and directing research into IT issues and products.
  • Ability to work effectively with team members and with customers
  • Self-motivated, with ability to manage and follow up on multiple tasks simultaneously
  • Rigorous attention to detail
  • Analytical ability, consultative, and strong judgment
  • Ability to approach problems from multiple angles and find creative solutions
  • Effective verbal and written communication skills
  • Strong understanding of Information Security concepts and trends
  • Demonstrated commitment to customer service with excellent oral and written communication skills
  • Ability to provide 24/7 on-call support

PREFERRED:

  • Previous experience working in 24x7 Security Operations Center (SOC)
  • Previous Data Loss Prevention or Information Security experience
  • Experience with ISO, ITIL and/or COBIT frameworks
  • Industry standard certifications (CISSP, CISM, CPP, PSP, etc.)

Minimum Educational Background and Physical Requirements Required To Perform Job:

Associate's degree or above in information technology with a focus on IT security, OR at least 3 years of experience in a security operations role.
