Fujitsu Security Analyst - SOC - Dallas, TX in Richardson, Texas
Title: Security Analyst - SOC - Dallas, TX
Job Number: FAI03922
Fujitsu America, Inc. provides a complete portfolio of business technology services, computing platforms, and industry solutions. Fujitsu platform products are based on scalable, reliable and high-performance server, storage, point-of-sale, and mobile technologies. Fujitsu combines its renowned platform offerings with a full suite of onshore, near shore and offshore system integration, outsourcing, and datacenter services covering applications, operations, infrastructure, customer service, and multi-vendor lifecycle services. Fujitsu provides industry-specific solutions for retail, manufacturing, healthcare, government, education, financial services, and telecommunications sectors. For more information on Fujitsu America's business scope, visit http://solutions.us.fujitsu.com/
We are looking for aSecurity Analystfor our SOC (Security Operations Center) Group in our Dallas, TX location.
Appropriate candidates should possess at least 2-4 years’ experience in a Security Operations Center as part of a Managed Security Services offering. We are looking for candidates who can provide a well-rounded knowledge and experience base in incident response and security event analytics. An overall flexibility and willingness to work under unpredictable time and project variables is essential.
The Security Operations Center Analyst will be responsible for the following:
• Detection, monitoring, analysis, resolution of security incidents; participate in providing containment recommendation
• Coordinate escalations to internal support teams to ensure timely delivery of incident resolutions
• Perform network/system/application/log intrusion detection analysis and trending
• Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders
• Ensure that Service Level Agreements are met
• Maintain standard operating procedures, processes and guidelines
• Automate security analysis, administration and remediation procedures, workflows and tasks
• Maintain awareness of trends in security regulatory, technology, and operational requirements
• Participate in client audits
• Role will participate in a shift rotation based on a 24/7 schedule; flexibility and adherence to this schedule are a requirement for this role
Additional responsibilities will include but are not limited to:
• Provide detection and response to security events and incidents within the Fujitsu Network as well as various supported customer networks
• Security log management and monitoring
• Intrusion detections and prevention systems operations
• Vulnerability detection, assessment, and mitigation
• Risk assessment and deployment of security patches.
• Antivirus management and operations.
• Develop and maintaining information security metrics.
• Provide assistance to core security and incident response teams
• Enterprise encryption support
• Development and distribution of various security advisories and awareness messages
• Maintain growing knowledge of industry trends relating to security management and services.
SOC personnel will be working with enterprise forensic capable systems, log analysis systems, and network collection systems to facilitate response to incidents at a global scale. You will work with industry respected malware, network and incident response analysts to coordinate a best in class response to computer related incidents.
• Experience working in an IT Security Operations Centre, using SANS methodology
• Experience and knowledge of Security Information Event Management (SIEM) operations
• Experience in Intrusion Detection and Prevention Systems
• Knowledge of: TCP/IP, computer networking, routing and switching
• Experience in Linux/UNIX and Windows based devices at the System Administrator level
• System log forensics (Syslog, Event Viewer)
• Strong troubleshooting, reasoning and problem solving skills
• Team player, excellent communication skills, good time management
• Organizational skills and the ability to work autonomously with attention to processes
• Ability and willingness to think outside of the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability.
• Ability to speak and communicate effectively with peers, management and clients
• Ability and experience in writing clear and concise technical documentation
• Ability to speak and write fluently
Preferred Education or Experience:
• Minimum of (3) years of directly related practical experience within the last eight years, and demonstrated ability to carry out the functions of the job.
• Candidate should possess a knowledge in the following technical skills: Incident Response, Log Analysis, TCP/IP, Network Traffic Analysis, Antivirus/Malware, Intrusion Detection/Prevention, Security Incident and Event Management Systems (SIEM), Packet Analysis Techniques, Event Correlation, and Incident Triage.
• Experience using ticketing systems such as Remedy
• Security certifications: SANS/GIAC (GCIH, GCIA or GCUX), CCNA, CISSP, or CISM certifications would be assets
• Knowledge of application security including web applications, web services, XML, SOA, AJAX, JSON, and web scanning tools
• Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
• Knowledge of NIST, PCI, HIPAA
• Knowledge of ITIL methodologies and practices preferred
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Job: IT Specialization