SOC Engineer – Splunk/ArcSight – Contract – Dulles, VA
OpenSky is a rapidly growing Professional Services organization that operates on the premise that highly skilled, smart, experienced, and energetic people are the catalyst of any successful enterprise. Our focus lies in delivering information technology (IT) services centered on infrastructure, security, and compliance requirements within our client’s environment. OpenSky’s proven consulting engagement methodology ensures timely delivery of critical technology initiatives. We offer uniquely objective solutions to our clients by providing a vendor-neutral response to complex hardware and software decisions. Our resultant response and delivery rely on qualified consultants who adhere to a project-based approach on every engagement.
At OpenSky, we have a passion for partnering with our customers on their most complex information technology projects. We encourage a spirit of collaboration and open communication with our customers, partners, consultants, and internal teams. Our values include customer-focused excellence, teamwork, open communication, and a sense of urgency in everything we do.
Our most recent accolades include:
- FOX/CT – 2013 Best Place to Work (our third consecutive year!)
- Sloan Award – Excellence in Workplace Effectiveness and Flexibility
- Named to CRN’s 2013 Tech Elite List
- Named to Inc. 500 List of America’s Fastest Growing Companies
About the Opportunity
OpenSky is seeking a SOC Analyst to support the Security Operations Center. The qualified candidate will provide day-to-day analysis and investigative services to monitor and detect potential intrusions into the organization’s network, including validating the intrusion once it is detected.
Daily activities will include reviewing data sources (logs) from IDS, IPS and Endpoint Security Suite software products and applications for analysis. Strong working experience with Splunk and/or ArcSight is a requirement.
Daily activities also include creating a priority list for review, reporting daily on findings and creating recommendations for process improvements, especially for reducing false positives. Executive reporting, technical documentation and gap analysis will round out the responsibilities.
This position is responsible for:
* Intrusion Monitoring (IDS/HIDS)
* Incident First Response
* Firewall and Content Filter Rule Review and Analysis
* Antivirus Policy
* Threat Analysis
* Providing support and assistance during internal and external audits
* Training and evangelizing information security to Executive leaders, Engineers and Users
* 3-5 years of Linux/Unix Experience
* 2-3 years of Technical Security Experience or equivalent certifications (CISSP/CEH/GCIH, etc.)
* 2-3 years of Strong Experience with Splunk and/or ArcSight
* Knowledge of all aspects of information security with an understanding of firewalls, IDS, HIDS, Content Filtering, Network hardening, Packet Inspection, and SIEM tools
* General knowledge of Cloud Computing environments and security issues related to those environments
* Working effectively in a team environment
* Strong written and verbal communications
* Ability to prioritize projects and deliverables
OpenSky Corporation is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.