Security Operations Engineer

About The Position

Requirements

• US Citizenship
• Bachelor’s Degree in Computer Science, Information Technology or related engineering discipline or equivalent work experience in a related field.
• Strong problem solving and root cause analysis skills
• Minimum of 2-3 years’ experience supporting security operations center / service desk / call centers
• Customer service focus, and strong interface/communication skills
• Ability to ask relevant questions of customers and engineers in support of problem resolution.
• Ability to work independently with little supervision.
• Ability to follow procedures and work instructions to perform tasks
• Identify process gaps and proactively improve system inefficiencies
• Excellent written and verbal communication skills.
• Ability to support shift work
• Must pass pre-employment qualifications of Cherokee Federal
• This position requires an active Public Trust clearance or the ability to obtain a Public Trust clearance to be considered.

Responsibilities

• Responsible for monitoring the network within the firewall (LAN)
• Responsible for monitoring the network beyond the firewall (WAN)
• Assist in establishing a mature and optimized Security Operations Center discipline to support managed security services focused on vulnerability and security information event management engagements.
• Monitor and analyze Security Information and Event Management (SIEM) and other tools to identify security issues for remediation.
• Monitor and analyze alerts and notifications from multiple security systems.
• Communicate, escalate, and/or mitigate alerts regarding intrusions and compromises to the enterprise.
• Conduct operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics, as needed.
• Perform scanning and monitoring activities to provide in-depth visibility into potential known and unknown vulnerabilities and threats that may pose risks to our environment.
• Document actions in cases to effectively communicate information to internal and external stakeholders.
• Perform hunting for malicious activity across the network and digital assets.
• Maintain incident logs with relevant activity.
• Document investigation results, ensuring relevant details are passed to GSOC Lead and stakeholders.
• Participate in root cause analysis or lessons learned sessions.
• Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units.
• Performs other job-related duties as assigned

Benefits

• Medical
• Dental
• Vision
• 401K
• other possible benefits as provided