Security Specialist

Location: Richmond, Virginia
Posted On: 7/11/2017
Job Code: 8450_VA_SIEM Consult
Job Description
Tier II Triage/Response:
o Work with Cloud Provider personnel and toolkits on incident investigation and response.
o Provide incident handling and incident documentation for Sev 2 and 3 incidents.
o Provide initial investigation of Sev 2 and 3 security incidents.
o Perform analysis of log files.
o Provide a technical escalation point for Tier I (Security Incidents, Security Alerts & response to General Inquiries that require security, risk, privacy, or threat input).
o Manage and assure that threat feeds are received, aggregated, reviewed, ticketed and acted upon accordingly.
o Feed data on new threats found during internal investigations back to threat feed sources where appropriate.
o Take an active part in the containment of incidents, even after they are escalated.
o Document remediation required based on input during incident handling or vulnerability identification.
o Open and track tickets for remediation of issues found during an incident or vulnerability, as required to facilitate a closed-loop process.
o Manage the whitelist and blacklist in the SIEM and disseminate them to the appropriate operators for tool policy updates or setting updates in security tools.
o Issue documentation and proactively contact system asset owners when an incident is resolved to ensure that remediation steps are understood and the remediation timeline is committed in the ticket.
o Review daily and weekly metrics for security and vulnerability incidents.
o Escalate issues to Tier III or Manager when necessary.
o Contribute knowledge base article submissions.
Category: IT
Job Requirements
SIEM Tier II Triage/Response

Contact Details
Vikash Choudhary