Sevatec Inc.

  • Enterprise SOC Watch Officer

    Job Locations US-WV-Fairmont
    Posted Date 1 month ago (9/17/2018 11:48 AM)
    Job ID 2018-1542
    # of Openings 1
    Category Information Technology
  • Overview

    Sevatec is hiring a Watch Officer with a strong background in cybersecurity and IT security and intermediate knowledge of, and working experience with, IT infrastructure for a Department of Commerce client in Fairmont, West Virginia. The Department of Commerce Enterprise Security Operations Center (ESOC) acts as a shared service for the components of DOC. The ESOC provides integrated security intelligence and tailored alerts and facilitates collaboration among the individual DOC components. This project manager will work with customers and external stakeholders to further refine requirements, create project plans consisting of critical paths, WBS, milestones and resource leveling, and work with a matrix team to improve ESOC functionality. This planning will also include designing and implementing processes and standard operating procedures, as well as the planning, design and implementation of new IT infrastructure to support the ESOC.

     

    As an ESOC Watch Officer, the selected applicant will become part of Sevatec's DOC Enterprise Security Operations Center (ESOC) responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. The selected applicant will be responsible for deploying, maintaining, tuning, monitoring and managing all aspects of a client multi-tenant ESOC. Additionally, the ESOC Watch Officer will support liaison between the ESOC and external agencies and governing authorities. The person filling this role will also attend meetings and discussions and interface with industry or outside agencies for the purpose of taking notes and performing assessments.

    Responsibilities

    • Work with executive sponsors, customers and external stakeholders to translate high level requirements into workable project plans.
    • Coordinate efforts to install and configure the hardware and software necessary to establish an initial operating capacity.
    • Establish the information sharing and notification procedures to help DOC components prioritize their incident response and IT security efforts.
    • Oversee the design and implementation of a collaboration environment that allows IT security resources from separate DOC components to share best practices and coordinate response to security events.
    • Lead efforts to integrate, implement and maintain the Customer’s security roadmap.
    • Provide technical oversight for security tool deployment and implementation.
    • Continuously monitor levels of service as well as interpret and prioritize threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed.
    • Monitor and proactively mitigate information security risks.
    • Provide briefings at various levels of management regarding ongoing security incidents.
    • Establish reporting and information sharing relationships with governing organizations and other appropriate agencies and organizations for the purpose of tracking threats and security incidents.
    • Develop and maintain processes and procedures used to manage operations and incident response process.
    • Develop and maintain reporting metrics and mechanisms used to execute and measure SOC activities.
    • Maintain and enhance the security roadmap used to provide technical, personnel and procedural growth and the implementation of new tools and techniques.
    • Develop papers, briefings and technical marketing materials designed to show the inherent value of utilizing the customer’s SOC for security management of an agency’s network.
    • Provide executive level briefings regarding status of the SOC implementation, including cost benefit analysis for use of the SOC.
    • Work within a 24/7 shift-scheduled security operations environment.

    Qualifications

    • Bachelor’s Degree in Cyber Security, Information Technology or a related discipline and 5 years of Watch Officer support experience. Additional years of experience will be acceptable in lieu of a degree.
    • Requires background in at least 2 of the following domains: security products and technologies; security engineering, networking protocols and data center operations; security analysis and investigations.
    • Ability to understand and learn technical specifications, system requirements and other application design information as needed.
    • Advanced technical writing skills. Excellent written and oral communication skills.
    • Must be a team leader, effective in matrix organizations, proactive, and possess excellent problem solving and organizational skills.
    • Related experience includes Project Management over IT infrastructure projects, and/or network/security operating center experience.
    • Incident response and handling experience.
    • CISSP, SANS GIAC, CISM or equivalent certification. PMI and Networking certifications a plus.
    • Working knowledge of SIEM technology, with ArcSight-specific certification preferred.
    • Experience desired with a variety of tools and software such as: Mandiant/FireEye, Nagios, Red Hat Linux, IP management, Proxies, NESSUS, PGP.

    Security Clearance: Applicants selected must be U.S. Citizens and will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top Secret candidates preferred, Interim Secret required to start.

    EEO Statement: Sevatec is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

     
