Capgemini Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst in Washington, District Of Columbia

Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst

Job Description

With more than 180,000 people in over 40 countries, Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. The Group reported 2015 global revenues of EUR 11.9 billion. Together with its clients, Capgemini creates and delivers business and technology solutions that fit their needs and drive the results they want. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model.

Learn more about us at .

Rightshore® is a trademark belonging to Capgemini.

Capgemini's robust Outsourcing offerings include Applications Management, Infrastructure Management and Business Process Management. We combine these services with our deep industry knowledge and experience to provide the change agent that accelerates business growth. We generate quality and speed through our proven tools, methods and global centers. These capabilities, coupled with our program management expertise, are tailored to fit the most challenging business needs.

Security Services & Control

  • Manage security tools and implement any agreed changes to security tools, software, computing assets and processes that support the prevention of security exposure in the Equipment and Software, under the guidance of client Information Security.

  • SIEM tool Management and reporting

  • Knowledge of cryptographic tools & methodologies

Security Incident Management and Reporting

  • Experience working in a SOC environment using SIEM tools

  • Prepare and coordinate risk assessments for proposed changes to the Equipment, Software and related Services in the SOC environment.

  • Support security incident response processes in the event of a security breach by providing logging and audit information and by providing incident reporting.

  • Implement and manage a security incident management process according to the Security Policy.

  • Coordinate notification of security incident occurrence with client.

  • Provide periodic trending problem reports. Create and maintain a Security Incident log, also provided to client Information Security to facilitate historical analysis.

  • Assist investigators of security incidents involving the client Sites and other locations, document findings, and coordinate resolution.

  • Understanding of Active Directory infrastructure

  • Participate in Change Management, Problem Management & Configuration Management

  • Understanding of malware, antivirus & antispam solutions

Vulnerability Management

  • Vulnerability Scanning & report analysis (Nessus / QualysGuard)

  • Identification of false positives

  • Understand & share remediation strategies when required (application of remediation patches is out of scope)

Monitoring

  • Monitor logs and security events across network infrastructure. Log, monitor, investigate, and report on access violations.

  • Provide log analysis that gives visibility into misuse, fraudulent or malicious activity.

  • Provide alerts and reports appropriately.

  • Capacity Management

  • Performance monitoring & threshold management

Patch Management

  • Understanding of patch management processes and tools; evaluate the released patch or solution recommended by those tools.

  • Liaise with client Infrastructure teams for patch deployment.

  • Coordinate with vendors for patch validation.

Technical Skills

  • Knowledge of Active Directory and patch management (Microsoft system interface)

  • SIEM tools (ArcSight, netForensics, etc.)

  • Splunk experience

  • Thorough knowledge of TCP/IP and file transfer protocols

  • Knowledge of IDS/IPS, firewall monitoring and rule-base changes

  • Fair knowledge of antimalware and antispam tools and vulnerability management

  • Log reviews and security forensic reviews

  • Account access reviews to support audit requirements

  • Review security device logs to analyze network traffic for suspicious/malicious activity

  • Access Control Management

  • Knowledge of offensive security tactics and tools

  • Knowledge of cryptographic tools & methodologies

  • Certifications like CCNA, MCSE, MCP or CEH would be an advantage.

  • Experience with working in Windows as well as Unix/Linux environments

People Skills

  • Willingness to work on a 24/7 rotating shift basis

  • Effective communication skills in both verbal and written English

  • Ability to adhere to strict quality, service-level and change management processes

  • Demonstrated initiative to stay abreast of technology advancements

  • Security certification such as CISSP or any other equivalent is desirable

Location: Reston, Virginia

Please note that at this time we are looking for local candidates and are not offering any relocation, work permit or visa sponsorship assistance.

Job: Infrastructure

Organization: IS US

Title: Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst

Location: DC-Washington

Requisition ID: 026206

Other Locations: US-MD-Baltimore, US-VA-Arlington