
Security Administrator in North Bethesda, MD at GDH

Date Posted: 2/8/2019

Job Snapshot

Job Description

SOC Tier III/ Enterprise Security Administrator 

The SOC Tier III/ Enterprise Security Administrator shall be responsible for the following, but not limited to: 

Proactively search for and respond to security events and incidents from SIEM, Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other client data sources. Investigate security events forwarded from Level I & II Analysts and from the client for security risk. 
Perform analysis on IDS logs as well as packet trace/capture logs. 
Develop and adjust SIEM rules and analyst response procedures. 
Escalate incidents and act as a Security Incident Response Team Lead when necessary. 
Enforce incident response SLAs. 
Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose issues. 
Respond to inbound requests via phone and other electronic means for technical assistance. 
Document actions in cases to effectively communicate information internally and to client. 
Adhere to policies, procedures, and security practices. 
Resolve problems independently and understand escalation procedure. Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues. 
Report common and repeat problems (trend analysis) to management and propose process and technical improvements. 
Provide resolution plans for system and network issues. 
Perform system maintenance and maintain current documentation. 
Perform other duties as assigned. 
Shift-work assignment hours which will be based on typical rotating shifts to support security operations. 

SOC Experience Required: 5+ Years 
General IT Experience: 10+ Years Preferred 
- Experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity 
- Zenoss, Splunk, McAfee Nitro, and RSA Security Analytics experience preferred (or equivalent application) 
- CSIS, CEH, CSTA, CSTP, GCFE, CISSP, GCIH, GCIA, or GPEN preferred 
- Excellent written and verbal communication skills required. Must be able to communicate technical details clearly 
- Well-known protocols and services (FTP, HTTP, SSH, SMB, DAP) preferred 
- Keen understanding of routing principles and networking fundamentals 
- Packet analysis tools (tcpdump, Wireshark, ngrep) preferred 
- Experience leading and directing security incident response 

IDS experience preferred 

Public Trust