Security Operations Technician
Company Name:
WilmerHale LLP
JOB SUMMARY
Serves as a core member of the Security Operations Center (SOC) and Cyber Security Incident Response Team (CSIRT). Partners with Information Security to ensure that threat detection and incident response procedures are accurate, reasonable, and well-communicated throughout the Global Operations Center (GOC). Monitors security infrastructure, including IDS/IPS, firewalls, malware prevention systems, advanced cyber threat detection systems. Provides security incident response and limited log analysis according to standard procedures and incident classification and escalation. Within the GOC, drives continuous improvement in our SOC and CSIRT functions. Provides support for server OS, VMWare, networks, storage and hardware systems in all areas of IT Operations. This includes system and environmental monitoring and reporting, escalation to internal and external support teams, user administration support, disaster recovery and business continuance systems support and other duties as required.
PRINCIPAL DUTIES AND RESPONSIBILITIES
Works with Information Security to develop and enhance security procedures relevant to GOC activities.
Trains other GOC personnel in firm security incident handling and security escalation procedures.
Engages in first and second tier incident response and escalation, ensuring that security-related events are escalated appropriately in accordance to risk level.
Accesses logging, monitoring, and analysis systems as needed to perform initial investigation of security incidents and escalate appropriately.
Provides customer support for Infrastructure related issues received via telephone, e-mail, voice mail, trouble ticketing systems and in-person related to client and server performance.
Troubleshoots, prioritizes and triages tickets received from other support teams.
Performs systems and environmental monitoring including reporting and analysis.
Perform physical installation of servers and network equipment as needed.
Monitors data replication functionality, resolves replication issues and reports errors appropriately.
Performs OS, application, and hardware system diagnostics to collect information about problems to determine source of error.
Resolves the majority of Infrastructure issues using the IT Knowledgebase, and escalates more complex problems to Information Security or Infrastructure Engineering in a timely manner.
Assist Information Services staff as needed.
Contributes to the firm's Service Excellence initiative to consistently improve its image internally and externally. Displays professionalism, quality service and a can do attitude to internal members/departments of the firm as well as external clients and vendors via electronic and print correspondence, over the telephone and in-person.
Required Skills
Knowledge of security operations center standard procedures.
Experience analyzing security events with a logging and security event management tool.
Knowledge and experience analyzing malware behavior.
Good oral communication skills as necessary to communicate and coordinate with others on routine but varied issues.
Good interpersonal skills, as necessary to work effectively with people at all levels at WCPHD.
Strong analytical, troubleshooting and problem-solving skills with an attention to detail to minimize user impact.
Demonstrated knowledge of current Windows operating environment(s); Server hardware knowledge; Windows 2008/2012 Server OS and Active Directory system Administration.
Experience developing standard operating procedures within small groups.
Ability to learn, develop, and apply knowledge of work practices, policies, and procedures as they relate to IT Operations.
Good understanding of how systems are physically connected to network switches.
Occasional overtime or flexible hours may be required as needed to support security procedures and training of other shift personnel.
Knowledge of VMWare ESX server and Virtual Machine technology. Education: -2 years of Computer Science training or comparable experience.
Certification(s) in Information Security preferred.
Required Experience
1
years of experience as an information security professional, preferably in a security operations center.
3-5 years' experience in Information Technology Data Center Operations.
Familiar with working in Mission Critical environments.
Job Location
Washington, District of Columbia, United States
Position Type
Full-Time/RegularEstimated Salary: $20 to $28 per hour based on qualifications.
WilmerHale LLP
JOB SUMMARY
Serves as a core member of the Security Operations Center (SOC) and Cyber Security Incident Response Team (CSIRT). Partners with Information Security to ensure that threat detection and incident response procedures are accurate, reasonable, and well-communicated throughout the Global Operations Center (GOC). Monitors security infrastructure, including IDS/IPS, firewalls, malware prevention systems, advanced cyber threat detection systems. Provides security incident response and limited log analysis according to standard procedures and incident classification and escalation. Within the GOC, drives continuous improvement in our SOC and CSIRT functions. Provides support for server OS, VMWare, networks, storage and hardware systems in all areas of IT Operations. This includes system and environmental monitoring and reporting, escalation to internal and external support teams, user administration support, disaster recovery and business continuance systems support and other duties as required.
PRINCIPAL DUTIES AND RESPONSIBILITIES
Works with Information Security to develop and enhance security procedures relevant to GOC activities.
Trains other GOC personnel in firm security incident handling and security escalation procedures.
Engages in first and second tier incident response and escalation, ensuring that security-related events are escalated appropriately in accordance to risk level.
Accesses logging, monitoring, and analysis systems as needed to perform initial investigation of security incidents and escalate appropriately.
Provides customer support for Infrastructure related issues received via telephone, e-mail, voice mail, trouble ticketing systems and in-person related to client and server performance.
Troubleshoots, prioritizes and triages tickets received from other support teams.
Performs systems and environmental monitoring including reporting and analysis.
Perform physical installation of servers and network equipment as needed.
Monitors data replication functionality, resolves replication issues and reports errors appropriately.
Performs OS, application, and hardware system diagnostics to collect information about problems to determine source of error.
Resolves the majority of Infrastructure issues using the IT Knowledgebase, and escalates more complex problems to Information Security or Infrastructure Engineering in a timely manner.
Assist Information Services staff as needed.
Contributes to the firm's Service Excellence initiative to consistently improve its image internally and externally. Displays professionalism, quality service and a can do attitude to internal members/departments of the firm as well as external clients and vendors via electronic and print correspondence, over the telephone and in-person.
Required Skills
Knowledge of security operations center standard procedures.
Experience analyzing security events with a logging and security event management tool.
Knowledge and experience analyzing malware behavior.
Good oral communication skills as necessary to communicate and coordinate with others on routine but varied issues.
Good interpersonal skills, as necessary to work effectively with people at all levels at WCPHD.
Strong analytical, troubleshooting and problem-solving skills with an attention to detail to minimize user impact.
Demonstrated knowledge of current Windows operating environment(s); Server hardware knowledge; Windows 2008/2012 Server OS and Active Directory system Administration.
Experience developing standard operating procedures within small groups.
Ability to learn, develop, and apply knowledge of work practices, policies, and procedures as they relate to IT Operations.
Good understanding of how systems are physically connected to network switches.
Occasional overtime or flexible hours may be required as needed to support security procedures and training of other shift personnel.
Knowledge of VMWare ESX server and Virtual Machine technology. Education: -2 years of Computer Science training or comparable experience.
Certification(s) in Information Security preferred.
Required Experience
1
years of experience as an information security professional, preferably in a security operations center.
3-5 years' experience in Information Technology Data Center Operations.
Familiar with working in Mission Critical environments.
Job Location
Washington, District of Columbia, United States
Position Type
Full-Time/RegularEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
