• Security Operations Architect

    Job Locations: US-PA-Cranberry TWP
    Job ID: 2019-1783
  • Overview

    The SOC Architect (SA) is a hands-on technologist and an expert in the use of the technologies that comprise Continuum’s SIEM solutions. The role reports to the Director of SOC Operations (US). The scope of this position is company-wide and requires an understanding of all partner-facing systems the company uses and how they provide value to our partners. The SA works closely with other members of the Security Teams to ensure that the information security posture of the company’s solutions is maintained, and takes a proactive approach to continually assessing the effectiveness and efficiency of the SIEM offerings.

     

    Responsibilities

    • Serve as the primary escalation point for SIEM platform issues
    • Serve as a SME for the SIEM platform
    • Develop and implement effective correlation rules
    • Tune SIEM components to ensure maximum reliability and reduce false positives
    • Review security context alerts and logs using the security information and event management (SIEM) platform or other tools
    • Promptly respond to requests for assistance from partners and others
    • Escalate security events/incidents according to defined workflow and in accordance with any relevant SLAs
    • Adhere to relevant policies, procedures, standards and security good/accepted practices
    • Resolve problems independently and understand the escalation procedure
    • Respond in a timely manner to all requests for access or other security exceptions requiring approval or involvement
    • Take responsibility for customer satisfaction and overall success of managed services
    • Interface with a variety of customers in a polite, positive, and professional manner

    Qualifications

    • SIEM platform solutions experience (e.g. EventTracker, QRadar, FortiSIEM, Splunk)
    • 5-7 years of experience in information technology in an area such as networking, desktop engineering, programming, systems administration, or help desk
    • Significant experience working with and expertise in understanding the Windows Event Log environment
    • Practical experience with and working knowledge of syslog
    • Significant experience with and expertise in creating event correlation logic and rules
    • Significant experience and expertise in using security information and event management (SIEM) platforms for searching and correlating events
    • Strong critical thinking and problem-solving skills
    • Possess excellent troubleshooting, problem solving, and verbal/written communication skills
    • Ability to manage critical situations and maintain solid relationships with colleagues, firm staff and attorneys
    • Ability to anticipate problems, communicate them, and resolve if appropriate
    • Ability to work independently and as part of a team
    • Must have strong written/verbal communication skills
    • Must be detail oriented with strong customer service skills
    • Requires strong interpersonal and organization skills
    • Certifications: CompTIA, ISC2, Microsoft, EC Council, etc. preferred
    • Maintain current security certifications and attend industry seminars and relevant continuing education events
    • ITIL Foundations preferred
    • Perform other work-related duties as assigned

     
