SIEM Analyst

US-NE-Omaha
4 weeks ago
ID: 2017-1544
# of Openings: 1
Category: Managed Device Team

Overview

The SIEM Analyst will provide first-rate service and support by resourcefully and effectively monitoring and analyzing clients' network activities, utilizing each client's SIEM technology (located within the client's environment) from the NTT Security Operations Center (SOC).

Responsibilities

  • Command all aspects of SIEM technology for the following SIEM products supported by NTT Security: LogRhythm, Splunk, QRadar, and ArcSight
  • Demonstrate world-class customer service skills when servicing clientele
  • Demonstrate an ability to understand and analyze packet captures
  • Be an advocate for client requests to improve their security posture
  • Understand and abide by all NTT SOC Processes and Procedures
  • Able to perform true and false positive event (or offense) analysis with a high degree of accuracy
  • Demonstrate excellent judgment in trending, alerting, and escalating events (or offenses) for clients
  • Read, interpret, and follow Client Escalation Procedures and special communications
  • Participate in continuing education, sourcing internally and externally
  • Play an active role supporting continuous process improvement
  • Remain flexible with shift and task assignments
  • Other duties as assigned

Qualifications

  • Bachelor’s Degree in Computer Science, Management of Information Systems, Computer Security, or equivalent experience preferred
  • SANS GSEC Certification and at least one additional advanced IT Security Certification (CISSP, GCIH, GCIA, CASP) or equivalent experience
  • Certification to operate one or more of the SIEM technologies listed under Essential Functions (Administrator or Operator Certification Required)
  • Demonstrate knowledge of indicators of compromise (IOC) and Advanced Persistent Threats (APT) as they apply to event/incident/offense analysis
  • Must exhibit an aptitude for thoroughly researching issues to determine a root cause
  • Must exhibit the ability to take threat intelligence and correlate it within the context of event/incident/offense analysis
  • Network/system administration/applications experience beneficial
  • Use critical thinking and problem-solving skills to make decisions
  • Knowledge of Information Security, networks, network devices, network monitoring tools
  • Multi-tasking ability
  • Excellent verbal and written communication skills
  • Exhibits a sense of urgency with good composure
  • Able to work in a supportive team environment
  • Driven to succeed
  • Desire to share information with other analysts
  • Desire to play a crucial role in the training and development of junior analysts
