Security Operations Center Lead
Arlington, VA

Job Description

Req ID: 41689

At NTT DATA Services, we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees are key factors in our company's growth, market presence and our ability to help our clients stay a step ahead of the competition. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA Services and for the people who work here.

NTT DATA Services currently seeks a Security Operations Center Lead to join our team in Arlington, Virginia (US-VA), United States (US).

Responsibilities:

* Oversee the daily operations of the SOC and plans shift activities
* Works closely with Incident Management Team
* Must be willing to lead major incident management process, supports Agency leadership during the activation of major/escalated incidents
* Develop, author, and deliver process improvements for the SOC in order to maintain operational readiness for incident response
* Monitor and report on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
* Partner with IT leadership and teams to support operational issues and prepare for potential incidents
* Support annual updates of the incident response concept of operations document
* Support annual incident response table top exercises
* Lead, mentor, and coach SOC I and SOC II staff members
* Work as part of a 24x7x365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
* Carry out triage on security events, coordinate incidents with Incident Management Team, IT operations, network engineering, and application teams and support the Incident Management process
* Identify and respond to incidents, to prevent or limit damage to assets, and report incidents
* Detect and analyze incidents, coordinate activities with other stakeholders for containing, eradicating, and recovering from incidents
* Development of advanced analytics and countermeasures to protect critical assets
* IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics
* Supports the production and maintenance standard operational processes and procedures and playbooks for use by all shift personnel
* Provide enterprise-wide management of security incidents, managed network space, to detect, respond, and report all computer related incidents that includes daily monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
* Assess, identify, and remediate of the individuals and/or systems affected
* Coordinate all information security incidents complied with timeline specifics
* Coordinate the development of reports from the SIEM, NIDS, and HIDS
* Remain up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation and remediation
* Perform other tasks consistent with the goals and objectives of the department/contract
* Perform other duties as assigned by Senior Program Executive
* Responsible to fully document assigned tickets to show all work performed in order to pass SLRs
* Responsible to manage team to fully document assigned tickets to show all work performed in order to pass SLRs

Qualifications:

* US Citizenship required
* Bachelor's Degree plus 6 years of relevant work experience. Education Substitution: For each year of degree required, 2 years of experience may be substituted
* CISSP certification
* Experience writing threat reports and other management level communications
* Leadership experience of teams of 10 or more

Preferred Qualifications:

* ServiceNow ticketing and reporting experience
* Linux, Windows, and Active Directory experience
* Splunk SPL experience
* Experience with FireEye and Palo Alto network security solutions
* ITIL v3 experience
* Cloud and mobile device experience
* ForeScout CounterAct, DLP solutions, McAfee EPO, SailPoint experience

This position is only available to those interested in direct staff employment opportunities with NTT DATA, Inc. or its subsidiaries. Please note, 1099 or corp-2-corp contractors or the equivalent will NOT be considered. We offer a full comprehensive benefits package that starts from your first day of employment.

About NTT DATA Services

NTT DATA Services partners with clients to navigate and simplify the modern complexities of business and technology, delivering the insights, solutions and outcomes that matter most. We deliver tangible business results by combining deep industry expertise with applied innovations in digital, cloud and automation across a comprehensive portfolio of consulting, applications, infrastructure and business process services.

NTT DATA Services, headquartered in Plano, Texas, is a division of NTT DATA Corporation, a top 10 global business and IT services provider with 118,000+ professionals in more than 50 countries, and NTT Group, a partner to 88 percent of the Fortune 100. Visit nttdataservices.com to learn more.

NTT DATA, Inc. (the "Company") is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law. To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.