Sevatec Inc.

  • Enterprise SOC Watch Officer

    Job Locations US-WV-Fairmont
    Posted Date 3 weeks ago(6/4/2018 11:06 PM)
    Job ID
    2018-1428
    # of Openings
    1
    Category
    Information Technology
  • Overview

    Sevatec is hiring a SOC Watch Officer with a strong background in cybersecurity and IT security and intermediate, hands-on experience with IT infrastructure for a Department of Commerce client in Fairmont, West Virginia. The Department of Commerce Enterprise Security Operations Center (ESOC) acts as a shared service for the components of DOC. The ESOC provides integrated security intelligence and tailored alerts, and facilitates collaboration among the individual DOC components. This watch officer will work with customers and external stakeholders to further refine requirements and work with a matrix team to improve ESOC functionality. This work will also include designing and implementing processes and standard operating procedures, as well as supporting the planning, design and implementation of new IT infrastructure for the ESOC.

     

    As an ESOC Watch Officer, the selected applicant will become part of Sevatec's DOC Enterprise Security Operations Center (ESOC), which is responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. The selected applicant will be responsible for deploying, maintaining, tuning, monitoring and managing all aspects of a client multi-tenant ESOC. Additionally, the ESOC Watch Officer will act as liaison between the ESOC and external agencies and governing authorities. The person filling this role will attend meetings and discussions and interface with industry or outside agencies for the purpose of taking notes and performing assessments.

    Responsibilities

    • Work with government leadership, customers and external stakeholders to translate high-level requirements into workable project plans.
    • Coordinate efforts to install and configure the hardware and software necessary to establish an initial operating capability.
    • Establish the information sharing and notification procedures that help DOC components prioritize their incident response and IT security efforts.
    • Oversee the design and implementation of a collaboration environment that allows IT security resources from separate DOC components to share best practices and coordinate response to security events.
    • Lead efforts to integrate, implement and maintain the customer's security roadmap.
    • Provide technical oversight for security tool deployment and implementation.
    • Continuously monitor levels of service, and interpret and prioritize threats using intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed.
    • Monitor and proactively mitigate information security risks.
    • Provide briefings at various levels of management regarding ongoing security incidents.
    • Establish reporting and information sharing relationships with governing organizations and other appropriate agencies and organizations for the purpose of tracking threats and security incidents.
    • Develop and maintain the processes and procedures used to manage operations and the incident response process.
    • Develop and maintain the reporting metrics and mechanisms used to execute and measure SOC activities.
    • Maintain and enhance the security roadmap used to guide technical, personnel and procedural growth and the implementation of new tools and techniques.
    • Develop papers, briefings and technical marketing materials designed to show the inherent value of using the customer's SOC for security management of an agency's network.
    • Work within a 24/7 shift-scheduled security operations environment.

    Qualifications

    • Bachelor's degree in Cyber Security, Information Technology or a related discipline and 3 years of SOC analyst support experience. Additional years of experience will be accepted in lieu of a degree.
    • Ability to understand and learn technical specifications, system requirements and other application design information as needed.
    • Advanced technical writing skills; excellent written and oral communication skills.
    • Must be a team leader, effective in matrix organizations, proactive, and possess excellent problem-solving and organizational skills.
    • Incident response and handling experience.
    • Working knowledge of SIEM technology; ArcSight preferred.
    • Experience desired with a variety of tools and software such as: Mandiant/FireEye, Nagios, Red Hat Linux, IP management, proxies, NESSUS, PGP.

     

    Security Clearance: Applicants selected must be U.S. citizens, will be subject to a government security investigation, and must meet eligibility requirements for access to classified information. Top Secret candidates preferred; an Interim Secret clearance is required to start.
