SOC Security Analyst, LogRhythm - Dallas, TX
Dallas, TX

Job Description

Fujitsu America, Inc. provides a complete portfolio of business technology services, computing platforms, and industry solutions. Fujitsu platform products are based on scalable, reliable and high-performance server, storage, point-of-sale, and mobile technologies. Fujitsu combines its renowned platform offerings with a full suite of onshore, near shore and offshore system integration, outsourcing, and datacenter services covering applications, operations, infrastructure, customer service, and multi-vendor lifecycle services. Fujitsu provides industry-specific solutions for retail, manufacturing, healthcare, government, education, financial services, and telecommunications sectors. For more information on Fujitsu America's business scope, visit http://solutions.us.fujitsu.com/; http://www.fujitsu.com/us/themes/security/; http://www.fujitsu.com/us/solutions/business-technology/security/security-services/

We are looking for a Security Analyst for our SOC (Security Operations Center) Group in our Dallas, TX location.

Appropriate candidates should possess at least 2-4 years' experience in a Security Operations Center as part of a Managed Security Services offering. We are looking for candidates who can provide a well-rounded knowledge and experience base in incident response and security event analytics. An overall flexibility and willingness to work under unpredictable time and project variables is essential.

The Security Operations Center Analyst will be responsible for the following:

* Detection, monitoring, analysis, resolution of security incidents; participate in providing containment recommendation
* Coordinate escalations to internal support teams to ensure timely delivery of incident resolutions
* Perform network/system/application/log intrusion detection analysis and trending
* Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders
* Ensure that Service Level Agreements are met
* Maintain standard operating procedures, processes and guidelines
* Automate security analysis, administration and remediation procedures, workflows and tasks
* Maintain awareness of trends in security regulatory, technology, and operational requirements
* Participate in client audits
* Role will participate in a shift rotation based on a 24/7 schedule; flexibility and adherence to this schedule are a requirement of the role

Additional responsibilities will include but are not limited to:

* Provide detection and response to security events and incidents within the Fujitsu Network as well as various supported customer networks
* Security log management and monitoring
* Intrusion detections and prevention systems operations
* Vulnerability detection, assessment, and mitigation
* Risk assessment and deployment of security patches.
* Antivirus management and operations.
* Develop and maintaining information security metrics.
* Provide assistance to core security and incident response teams
* Enterprise encryption support
* Development and distribution of various security advisories and awareness messages
* Maintain growing knowledge of industry trends relating to security management and services.

SOC personnel will be working with enterprise forensic capable systems, log analysis systems, and network collection systems to facilitate response to incidents at a global scale. You will work with industry respected malware, network and incident response analysts to coordinate a best in class response to computer related incidents.

Qualifications:

Education or Experience:

* Graduation with a degree from a recognized university with specialization in Computer Sciences or a related discipline, combined with a minimum of (1) years of directly related practical experience and demonstrated ability to carry out the functions of the job OR
* Completion of two years of an acceptable post-secondary educational program in Computer Sciences from a recognized community college, or in a related discipline, combined with a minimum of (2) years of directly related practical experience and demonstrated ability to carry out the functions of the job OR
* Minimum of (3) years of directly related practical experience within the last eight years, and demonstrated ability to carry out the functions of the job.

Required Skills:

* Candidate should possess a knowledge in the following technical skills: Incident Response, Log Analysis, TCP/IP, Network Traffic Analysis, Antivirus/Malware, Intrusion Detection/Prevention, Security Incident and Event Management Systems (SIEM), Packet Analysis Techniques, Event Correlation, and Incident Triage.
* Familiar with security tools & programs: LogRhythm, ArcSight, QRadar, FireEye, Palo, Checkpoint
* Experience in security penetration testing
* Experience using ticketing systems such as Remedy
* Knowledge of application security including web applications, web services, XML, SOA, AJAX, JSON, and web scanning tools
* Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
* Knowledge of NIST, PCI, HIPAA

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.