ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Engineer/Analyst to support a Security Operations Center (SOC) in a high operations tempo, 24x7x365 environment. The Engineer/Analyst will have experience in the design, implementation, installation, configuration and administration of commercial off-the-shelf (COTS) cybersecurity tools, including the organization's Security Information and Event Management (SIEM) tool. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Roles and Responsibilities

  • Responsible for all aspects of Splunk software including but not limited to design, implementation, installation, configuration, administration, testing, and integration
  • Recommend data filtering and event alerts from Splunk data feeds to support system and network monitoring needs
  • Monitor Splunk deployments to ensure uninterrupted monitoring
  • Conduct Root Cause Analysis (RCA) investigations as needed
  • Perform Computer Security Incident Response activities for a large global enterprise, coordinate with other enterprise IT teams to record and report incidents
  • Work incidents from initial assignment to final resolution
  • Conduct forensics and investigations as needed using security tools such as but not limited to Splunk, Google Vault, Google DLP, Palo Alto firewalls, Cisco Firesight IPS, FireEye CM, FireEye HX, FireEye ETP, ForeScout CounterACT, Airwatch, Zimperium, NetSkope Cloud Access Security Broker, Azure WAF
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
  • Author and update SOPs as needed or directed
  • Fully document assigned tickets to show all work performed in order to pass SLRs

Required Skills

  • Experience implementing or working with Security Information and Event Management (SIEM) products such as Splunk in a complex network environment, and assisting security analysts in building custom dashboards and operational processes around the SIEM ecosystem
  • Experience with IT security tools, working technical knowledge of network, server, storage and desktop hardware and software
  • Strong foundation of network and security skills; fundamental knowledge of Windows, Linux and Cisco IOS operating systems, networking protocols and network traffic analysis
  • Demonstrated ability to work with matrixed resources in a team environment
  • Must be able to work independently with a keen eye toward quality, attention to detail and customer service

Education Requirement

  • BS/BA in Computer Science, Cyber Security, Information Systems, Engineering, Business, Physical Science, or other technology-related discipline

Years of Experience Requirement

  • 3-5 years of demonstrated capability to perform the required tasks (desired)

Certification Requirement

  • Required certification: Security+
  • Splunk administration certification is preferred

Location

  • Washington, D.C.

Security Clearance

  • Active Secret Security Clearance required

Sound like the job for you?

Send us a link to your resumé or portfolio to become part of our talent pool.