Capgemini Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst in Washington, District Of Columbia
With more than 180,000 people in over 40 countries, Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. The Group reported 2015 global revenues of EUR 11.9 billion. Together with its clients, Capgemini creates and delivers business and technology solutions that fit their needs and drive the results they want. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model.
Learn more about us at http://www.capgemini.com/.
Rightshore® is a trademark belonging to Capgemini.
Capgemini's robust Outsourcing offerings include Applications Management, Infrastructure Management and Business Process Management. We combine these services with our deep industry knowledge and experience to provide the change agent that accelerates business growth. We generate quality and speed through our proven tools, methods and global centers. These capabilities, coupled with our program management expertise, are tailored to fit the most challenging business needs.
Security Services & Control
Manage security tools and implement any agreed changes to security tools, software, computing assets and processes that support the prevention of security exposure in the Equipment and Software, under the guidance of client Information Security.
SIEM tool management and reporting
Knowledge of cryptographic tools & methodologies
Security Incident Management and Reporting
Experience working in a SOC environment using SIEM tools
Prepare and coordinate risk assessments for proposed changes to the Equipment, Software and related Services in the SOC environment.
Support security incident response processes in the event of a security breach by providing logging and audit information and by providing incident reporting.
Implement and manage a security incident management process according to the Security Policy.
Coordinate notification of security incident occurrence with client.
Provide periodic trending problem reports. Create and maintain a Security Incident log that is also provided to client Information Security to facilitate historical analysis.
Assist investigators of security incidents involving the client Sites and other locations, document findings, and coordinate resolution.
Understanding of Active Directory infrastructure
Participate in Change Management, Problem Management & Configuration Management
Understanding of malware, antivirus & antispam solutions
Vulnerability Management
Vulnerability scanning & report analysis (Nessus / QualysGuard)
Identification of false positives
Understand & share remediation strategies when required (application of remediation patches is out of scope)
Monitoring
Monitor logs and security events across network infrastructure. Log, monitor, investigate, and report on access violations.
Provide log analysis to provide views of misuse, fraudulent or malicious activities.
Provide alerts and reports appropriately.
Performance monitoring & threshold management
Patch Management
Understanding of patch management processes and tools; evaluate released patches and the solutions recommended by those tools.
Liaise with client Infrastructure teams for patch deployment.
Coordinate with vendors for patch validation.
Knowledge of Active Directory and patch management (Microsoft system interface)
SIEM tools (ArcSight, netForensics, etc.)
Thorough knowledge of TCP/IP and file transfer protocols
Knowledge of IDS / IPS, firewall monitoring and rule-base changes.
Fair knowledge of antimalware and antispam tools, and of vulnerability management
Log reviews and security forensic reviews
Access reviews of accounts to support audit requirements.
Review security device logs to analyze network traffic for suspicious or malicious activity
Access Control Management
Knowledge of offensive security tactics and tools
Knowledge of cryptographic tools & methodologies
Certifications like CCNA, MCSE, MCP or CEH would be an advantage.
Experience working in Windows as well as Unix/Linux environments
Willingness to work on a 24/7 rotating shift basis
Effective communication skills in both verbal and written English
Ability to adhere to strict quality and service levels and to the change management process
Demonstrated initiative to stay abreast of technology advancements
Security certification such as CISSP or any other equivalent is desirable
Location: Reston, Virginia
Please note that at this time we are looking for local candidates and are not offering any relocation, work permit or visa sponsorship assistance.
Organization: IS US
Title: Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst
Requisition ID: 026206
Other Locations: US-MD-Baltimore, US-VA-Arlington