Vacancy expired!
Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte's Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career.
Work you'll do- Provide Security Operations Center (SOC) support and guidance to the teams and the client that improve the client's cybersecurity posture, to include the confidentiality, integrity, and availability of information systems by identifying, verifying, and understanding cyber events
- Provide Security Operations Center (SOC) support via 24x7 shift schedule coverage to collect, analyze, and correlate security events to enable recommendations for mitigation of potential incidents
- Operate audit log and monitoring systems, security information and event management (SIEM) tools, network-based and host-based intrusion detection systems, firewalls, malware detection tools, antivirus solutions/systems, VPN technologies and encryptions standards
- At least five years of experience working in a Security Operations Center (SOC) or Network Operations Center (NOC) environment performing security event monitoring and analysis
- Working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks
- Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
- High school diploma
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
- Active Secret security clearance
- Certification: Security+, GIAC Security Essentials (GSEC) or equivalent certification is desired
- Ability and prior experience with analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes the identification of malicious code present within a computer system as well identification of malicious activities that are present within a computer system and/or enterprise network
- Experience working with a ticket management system to collect, document and maintain information pertinent to security investigations and incidents
- Excellent verbal and written communications skills and ability produce clear and thorough security incident reports and briefings
- Experience in monitoring the operational status of monitoring components and escalating and reporting outages of the components
- Conceptual understanding of Windows Active Directory
- Experience working with various event logging systems and must be proficient in the review of security event log analysis. Previous experience with SIEM platforms that perform log collection, analysis, correlation, and alerting is also preferred
- Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment
- Experience in collecting and maintaining information pertinent to security; investigations and incidents in a format that supports analysis, situational awareness reporting, and law enforcement investigation efforts