security operations center soc jobs opportunities

Security Operations Center SOC Analyst

McAfee is currently seeking an Information Security Operations Center Analyst to join its growing Information Security team. This is a full-time opportunity in the Plano, TX office. On a daily basis, the Information Security Operations Analyst works within the Security Operation Center to monitor security alerts, respond and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and for incident response capabilities.

Responsibilities
- Daily review of security alerts/logs with follow-up on any suspicious activity
- Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks
- Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems
- Work in concert with team members, Information Security engineering, and relevant Subject Matter Experts to process, analyze and drive the remediation of identified IT related vulnerabilities
- Responsible to follow the IT Security Incident Response policies and tools
- Contribute to Information Security policies, standards, and supporting documentation
- Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols
- Responding to inbound security monitoring alerts, emails, and inquiries from the organization
- Providing support for Incident Response, including evidence collection, documentation, communications, and reporting
- Maintaining and improving standard operating procedures and processes
- Providing documentation of work through a variety of communications such as ticketing, operational briefs, and status reports
- Assist with the operation and management of vulnerability solutions across the team's portfolio
- Identify security issues and risks, and assist with the development of risk mitigation plans
- Help drive continual improvement in the vulnerability management and security posture
- Conduct security research to maintain current knowledge of latest security trends and issues
- Maintaining a high level of confidentiality

Qualifications
- SOC/NOC Experience 1-3 years' experience in 24x7 shifted operations environment of a large number of critical production servers and High Availability uptime environments
- Bachelor's degree in Computer Science, Information Security and Risk Management, Information Systems, Engineering, Business or related major and/or prolonged course of study in a specialized field or equivalent experience
- Minimum 3 years working experience securing IT systems
- Certified Information Systems Security Professional CISSP, Security Information Security Manager, Global Information Assurance Certification, or related Security Certificate required
- Experience in a global IT enterprise environment
- Experience with security incident management
- Experience with administration and management of Windows, Linux, UNIX, and mobile operating systems
- Experience with:
  - Real-time monitoring and triage
  - Cyber intelligence
  - Network, host, and malware analysis
  - IPS/IDS Sensor tuning
  - Custom IPS/IDS signature creation
  - SIEM experience
  - Scripting skills such as Python and Perl
- Strong analytical mindset, natural curiosity to check and double check

Inside this Business Group
The Intel Security Group combines employees from McAfee and Intel – people with security expertise in hardware, software, and solutions into one business unit focused on building hardware, software, services and end-to-end security solutions. Intel Security Group sets the stage for new levels of collaboration and innovation and will drive leadership in the industry by providing ubiquitous security and identity protection for people and businesses worldwide.

Posting Statement. Intel prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Plano
Security Operations Center SOC Analyst

Intel Security has amazing opportunities ahead! In the next couple of months, we anticipate transitioning to a stand-alone company - McAfee. This strategic change will help to position us as one of the largest pure-play cybersecurity companies in the world. During this transition, we will continue to have a bold vision to achieve, but we cannot achieve without exceptional talent.

McAfee is currently seeking an Information Security Operations Center Analyst to join its growing Information Security team. The Information Security Operations Analyst works within the Security Operation Center to monitor security alerts, respond and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and for incident response capabilities.

Responsibilities:
- Daily review of security alerts/logs with follow-up on any suspicious activity
- Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks
- Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems
- Work in concert with team members, Information Security engineering, and relevant Subject Matter Experts to process, analyze and drive the remediation of identified IT related vulnerabilities
- Responsible for alignment with IT Security Incident Response policies and tools
- Contribute to Information Security policies, standards, and supporting documentation
- Perform root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols
- Respond to inbound security monitoring alerts, emails, and inquiries from the organization
- Provide support for Incident Response, including evidence collection, documentation, communications, and reporting
- Maintain and improve standard operating procedures and processes
- Provide documentation of work through a variety of communications such as ticketing, operational briefs, and status reports
- Assist with the operation and management of vulnerability solutions across the team's portfolio
- Identify security issues and risks, and assist with the development of risk mitigation plans
- Help drive continual improvement in the vulnerability management and security posture
- Conduct security research to maintain current knowledge of latest security trends and issues
- Maintain a high level of confidentiality

Qualifications:
- SOC/NOC Experience - 1-3 years' experience in 24x7 shifted operations environment of a large number of critical production servers and High Availability uptime environments
- Bachelor's degree in Computer Science, Information Security and Risk Management, Information Systems, Engineering, Business or related major and/or prolonged course of study in a specialized field or equivalent experience
- Minimum 3 years working experience securing IT systems
- Certified Information Systems Security Professional CISSP, Security Information Security Manager, Global Information Assurance Certification, or related Security Certificate required
- Experience with security incident management, administration and management of Windows, Linux, UNIX, and mobile operating systems, real-time monitoring and triage
- Cyber intelligence
- Network, host, and malware analysis
- IPS/IDS Sensor tuning
- Custom IPS/IDS signature creation
- SIEM
- Scripting skills such as Python and Perl
- Strong analytical mindset, natural curiosity and attention to detail orientation

Inside this Business Group
The Intel Security Group combines employees from McAfee and Intel – people with security expertise in hardware, software, and solutions into one business unit focused on building hardware, software, services and end-to-end security solutions. Intel Security Group sets the stage for new levels of collaboration and innovation and will drive leadership in the industry by providing ubiquitous security and identity protection for people and businesses worldwide.

Posting Statement. Intel prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected
Plano
Security Operations Development Analyst

Business Unit
The Security Operations team within Philips Information Security works diligently to provide reliable and secure services across the global enterprise. The team has a focus on system reliability and security through the continuous operation of secure solutions. The Security Operations Center (SOC) consists of a 24/7 incident response capability as well as a proactive hunting team for advanced threats, a threat intelligence team and dedicated security engineering and development staff.

Job description
The Security Operations Development Analyst’s primary objective is to ensure the availability and operational effectiveness for the entire Security Operations technical landscape as well as alignment with defined business risks. In addition, the analyst also has responsibility to:
· Monitor the performance of security tooling
· Maintain security tooling through appropriate patch management
· Ensure security tool capacity is managed and anticipated
· Administer user access to the security tooling
· Develop and implement automation throughout Security Operations
· Maintain the shared Knowledge Base/Security Operations Portal.

The analyst works in a close teaming approach with other SOC analysts, and involves other Subject Matter Experts when necessary. Following business and operational efficiency principles, proactive and performance oriented activities are performed. This involves (analytical) activities to enable intelligence gathering and usage, ability to engineer and implement engineering requirements, and ability to perform in the triage processes (detect and response).

Typical outputs from the Analyst function are:
· Integration and enhancement of the cyber threat intelligence
· Solution engineering, use case development and technical architecture
· Event triage and response
· Focused forensic investigations
· Delivery of performance indicators for the different SOC areas
· Support and escalation point for other functions

Your Challenge
The Security Operations Development Analyst is expected to be able to deliver value in the following areas of expertise:

Threat Intelligence:
· Discovers, analyzes and prioritizes new threat intel sources
· Integration of intelligence feeds into the operational processes

Engineering:
· Develops content, such as scripts, use cases for SIEM, queries for log management, connectors for security technology or automated data gathering for forensics.
· Creation of overall situational awareness, combining outputs to be further used by the SOC

Detection & Response:
· Perform anomaly detection and malware hunting
· Manage security incidents to conclusion
· Perform forensic investigations

A snapshot of your responsibilities includes:
· Deliver value in Threat Intelligence: create situational awareness, integrate and fuse intelligence from different sources, proactively determine if new sources are available, improve the intelligence capability
· Execute solution engineering and technical architecture: integrate security technologies, maintain the security tooling, create and implement content, troubleshoot SOC tooling, create and optimize SOC workflows
· Perform advanced threat detection, malware and threat hunting, anomaly detection and security analytics
· Execute threat response: forensics, crisis management and creation of mitigation courses of action

Our Offer
At Philips, we are driven by our mission to improve the lives of 3 billion people per year by 2025, and every day we move closer to achieving our goal by creating cutting-edge solutions that lead to confident diagnosis, improved care, and increased quality of life for patients. Thanks to our employees who share our passion for improving lives, we are at the forefront of the Healthcare industry leading in image guided interventions, ultrasound, patient monitoring, cardiology informatics, sleep therapy and respiratory care. Named one of the Top 50 Happiest Companies in America in 2013, we enable our employees to create a legacy in life through their work and support their development through people-centric learning, total rewards and personalized development planning programs.

We are looking for
The ideal candidate must have a passion for security and all things technical, with a good understanding of adversary motivation
North Andover
SoC, Configuration, and Security Product Planner

As part of Intel, we will continue to apply Moore’s Law to drive the future of field-programmable gate array (FPGA) technology. The Programmable Solutions Group (PSG) has been delivering industry-leading custom logic solutions to customers since inventing the world's first reprogrammable logic device in 1984. In order to take advantage of the many opportunities that we see in the future for FPGAs, PSG is growing the Product Planning team to define future customer requirements for System on Chip (SoC) FPGA devices, and contribute to the PSG security, configuration, and safety roadmaps.

We are seeking dynamic individual contributor and manager level marketing professionals to be part of Intel’s Programmable Systems Group (PSG) product planning team with strong FPGA and/or ASIC technical insight and experience.

Specific responsibilities will include but are not limited to the following:
• Own planning across SoC, configuration, safety, and security features for next generation products
• Identify, monitor and analyze product, technology and market trends
• Conduct regular customer product planning interviews and research
• Interface directly with customers, system architects, and business planners to understand customer applications requirements and constraints for next generation products
• Create and publish market requirements documents (MRD) and ensure alignment to engineering product requirement documents (PRDs)
• Lead the internal cross-functional core team during product definition including analyzing and deciding on trade-offs on behalf of sales, product marketing, and vertical marketing divisions to prioritize engineering development for maximum customer success

Qualifications
• BSEE/BSCE/BSCS or related
• Customer facing experience in marketing or technical roles in a semiconductor, EDA, system level, or related high tech company.
• At least 5 years of experience in one of the following (or related) in Applications, Product Marketing, Product Planning, Technical Marketing, or Strategic Marketing

Preferred Qualifications:
• MBA, MSEE, MSCS, MSCE
• Experience in product planning, or product management, creating and interpreting market requirements
• Experience of multiple FPGA feature sets & capabilities, ideally including SoC, configuration, safety, or security
• Experience in one or more end markets: data center, wireless, networking, industrial, video, automotive
• Technical experience developing or designing for FPGAs, ASICs, EDA tools and methodologies
• Previous role in design, architecture, or applications engineering

Inside this Business Group
The Programmable Solutions Group (PSG) was formed from the acquisition of Altera. As part of Intel, PSG will create market-leading programmable logic devices that deliver a wider range of capabilities than customers experience today. Combining Altera's industry-leading FPGA technology and customer support with Intel's world-class semiconductor manufacturing capabilities will enable customers to create the next generation of electronic systems with unmatched performance and power efficiency. PSG takes pride in creating an energetic and dynamic work environment that is driven by ingenuity and innovation. We believe the growth and success of our group is directly linked to the growth and satisfaction of our employees. That is why PSG is committed to a work environment that is flexible and collaborative, and allows our employees to reach their full potential.

Other Locations
California, Santa Clara

Posting Statement. Intel prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
San Jose
Security Consultant

The Security Center of Excellence SeCoE is seeking an influential Product Security Architect/Consultant to drive critical security strategies into the product development lifecycle for Intel products. If you are an excellent leader, influencer and outstanding communicator with a desire to work across all major product groups, then this is a great opportunity to pursue! You will be focused on developing expertise in the organization and driving long term solutions while working with and influencing other top experts in the industry.

Accountabilities
- Act as the Security consultant for product and service organizations.
- Influence security designs for hardware and software products and services.
- Build the overall expertise in the company around best practices for developing and deploying product security into the architecture of products.
- Provide security expertise in the development of IP intellectual property
- Conduct vulnerability and threat assessments.
- Partner and build strong relationships with senior architects, designers and micro architects to help ensure the products and services conform to the company and industry security assurance standards and specifications.
- Identify, propose and plan critical projects to deploy and manage budget and implementations.
- Help develop the architectural roadmap, infrastructure and standards for building security attributes into hardware and software products and services across all major product lines.
- Assist in creating and devising the strategy to assist the product groups in adapting and changing the way products and services are built.
- Build and deliver compelling presentations for internal use and industry conferences on product security related topics to drive the long-term security issues in hardware and software products and services.
- Build relationships and partnerships with company subsidiaries that are building security sensitive technologies.
- Drive a continuous improvement model that advances improvements in vulnerability by reducing vulnerability risks.
- Contribute to building a communication process, educational forum and supporting collateral to keep product groups abreast of new advancements, changes and features related to security.
- Develop methods and collateral to facilitate closing security skill gaps across the company.

Qualifications
- BS or MS in CS, CE or EE
- 10+ years experience with security technologies and applying those technology solutions to the product development lifecycle for hardware or software.
- Expertise in architecting, strategizing and evangelizing advanced product security architecture/assurance into the product development lifecycle
- Knowledge of security technologies: authentication, cryptography, secure protocols
- Understanding of state-of-the-art security principles, theories, attacks and threat modeling methodologies: assets, security vulnerabilities and attack profile, threats mitigations etc.
- Knowledge of computer architecture CPU, SoC, chipsets, BIOS, Firmware, Drivers, and others
- Working knowledge of hardware or software architecture and/or design
- Proven ability to lead cross-functional teams across multiple organizations
- Ability to work in a less structured startup type environment
- Ability to influence executives, senior management team and engineering teams
- These optional qualifications would be added advantages:
  - Strong network in security community
  - CISSP and/or other security certifications
  - Background in functional safety.

Posting Statement. Intel prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Position of Trust. This role is a Position of Trust. Should you accept this position, you must consent to and pass an extended Background Investigation, which includes (subject to country law), extended education, SEC sanctions, and additional criminal and civil checks. For internals, this investigation may or may not be completed prior to starting the position. For additional questions, please contact your Talent Consultant.
Hillsboro
Cyber Security Operations Manager (m/f)

Cyber Security Operations Manager (m/f) Cassidian CyberSecurity Ottobrunn

As a European specialist in the field of cyber security, the mission of Airbus CyberSecurity is to protect government and defence organisations as well as critical national infrastructures from cyber threats. With the help of the company's reliable, high-performance security products and services, the most advanced cyber attacks can be detected, analysed and countered. Airbus is a global leader in aeronautics, space and related services. Revenue was € 67.0 billion in 2016, and the number of employees was around 134,000. Airbus offers the most comprehensive range of commercial aircraft, with 100 to more than 600 seats. The company is also the European market leader in aerial refuelling aircraft, as well as in combat, transport and mission aircraft. Airbus is Europe's number 1 in the space business and number 2 worldwide. The company's civil and military helicopters are distinguished by high efficiency and are in demand worldwide.

Our employees work every day with passion and determination to connect the world, with a high priority on safety and progress. We are proud of our work and share our expertise and experience in order to achieve excellence together. Our cultural diversity and collaboration enable us to achieve the extraordinary: on the ground, in the air and in space.

Description of the job
For Airbus CyberSecurity in Munich / Taufkirchen, we are looking for a Cyber Security Operations Manager (f/m) for the "Service Operations" department.

Tasks & accountabilities
- Define, for the SOC / CDC area, the service and product line descriptions, the Service Level Agreements (SLA), the Operational Level Agreements (OLA) and the Key Performance Indicators (KPI), in cooperation with the various business units concerned and in consultation with the product / project managers
- Monitor, report on and manage compliance with the SLAs
- Manage reductions in the event of non-fulfilment, in consultation with the product / service manager
- Manage the allocation of maintenance costs in consultation with the company
- Negotiate the SLAs with the customer
- Act as the interface to internal and external customers
- Plan, implement and control service delivery
- Negotiate, implement and monitor the SLAs, the OLAs and the ongoing management of the operational facilities to deliver the agreed level
- Prepare / ramp up operations and extend them to 24/7 in the SOC / CDC
- Contribute to the preparation of offers and the implementation of state-of-the-art security solutions, such as service descriptions in the area of Cyber Defence, in cooperation with the other departments of our business unit
- Prepare the technical specifications for the above-mentioned offers
- Work closely with the forensic analysts, penetration testers and incident responders of the Cyber Defence department
- Report directly to the head of the "Service Operations" department
- Evaluate and report on the service metrics achieved (e.g. SLA, costs, efficiency) and, derived from this, continuously optimise the workflows and processes for service delivery
- Willingness to travel on business is required.

Required skills
- Completed degree in information technology or comparable
- Extensive experience in engineering and in IT
- Many years of experience in project and team management, and experience in the technical leadership of services
- Many years of experience working with customers and in contract negotiations
- Good market knowledge of the cyber defence and / or IT security segment
- Knowledge of cyber security services and products would be an advantage
- Ability to work in an international environment and in a team
- Good communication skills and assertiveness
- Confident manner and customer-oriented way of working
- Business-fluent German and advanced English; knowledge of French would be an advantage
Munich
Security Consultant

This is a commissioned position. Develops and delivers detailed IT solutions through consulting project activities. Responsibilities include client identification through final invoicing for engagements requiring varied interpersonal and technical skills. Technical responsibilities include problem identification, system architecture definition, hardware/software specification and/or design, implementation, testing, client training, and solution deployment. Performance is typically evaluated based on utilization, i.e., billable hours. Project management activities include interaction with company and client managers and cost/schedule monitoring. May have some financial responsibilities including project cost estimating, proposal generation, and invoicing. May participate in sales and proposal presentations in addition to completing ongoing team account activities. Identifies additional product/services opportunities in customer organization. Performance is typically measured by the capture of the consulting engagement and/or delivery of agreed solutions within budgeted hours.

Qualifications
Work as a security consultant in the solution team. Help with the design, implementation and operation of McAfee products, especially DLP, SIEM and ENS, and provide security architecture review. Build a Security Operations Center with risk assessment, and help with running SOC operations and security monitoring. CISSP, PMP, CEH, CISA and English skills are preferred qualifications.

Inside this Business Group
The Intel Security Group combines employees from McAfee and Intel – people with security expertise in hardware, software, and solutions into one business unit focused on building hardware, software, services and end-to-end security solutions. Intel Security Group sets the stage for new levels of collaboration and innovation and will drive leadership in the industry by providing ubiquitous security and identity protection for people and businesses worldwide.
Ōsaka-shi
SOC Analyst (m/f)

SOC Analyst (m/f)
Cassidian CyberSecurity Elancourt
Cassidian CyberSecurity Ottobrunn
Airbus Defence & Space Köln

As the European specialist in cyber security, the mission of Airbus’ CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks. Airbus is a global leader in aeronautics, space and related services. In 2016, it generated revenues of € 67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe’s number one space enterprise and the world’s second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.

Description of the job
The Airbus DS Cyber Defence Center (CDC) associates the Security Operations Center (SOC) and high-skilled security Professional services, such as security incident response (CSIRT), Risk assessment, security audit and associated consulting services. The CDC is in charge of supporting our customers all along their Information Risk and Security Management improvement, and addressing the increasing cyber security threat challenge.

Supported by several automated tools such as intrusion detection systems, log correlation engines and SIEM, ticketing system, alerts and warning from internal and external sources, this service involves receiving, triaging and responding to alerts, requests and reports, and analysing events and potential incidents and to provide the primary support for incident responders. Another objective of this service is to follow pre-defined procedures to perform technical tasks related to identity and access management.

In this context, Airbus Cybersecurity is seeking a SOC Analyst (m/f).

Tasks & accountabilities
- Categorise events, incidents and vulnerabilities based on relevance, exposure and impact
- Ensure case management
- Activate initial response plan based on standard playbook entries
- Provide support to incident responders
- Advise affected users on appropriate course of action
- Escalate unresolved problems to higher levels of support, including the incident response and vulnerability mitigation teams
- Configure the SIEM components for an optimal performance (tuning of thresholds …)
- Reviewing and improving the monitoring policy on a regular basis.
- Integrate IOCs in security solutions
- Define dashboards and reports for reporting on KPIs.
- Produce qualified reports (including recommendations) or alerts to SOC customers and follow-up on actions
- Contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners, on the one hand, and the security operations engineering team, on the other hand.

This position will require a security clearance or will require being eligible for clearance by the recognised authorities.

Required skills
- Educated to a Master’s Degree in Information Technology or equivalent and a minimum of 5 years of professional experience.
- A minimum of 4 years' experience as SOC Analyst and/or first line incident responder
- You should hold at least one valid certification among the following ones: GCIH, GCIA, ECIH, CSIH, SCPO or an equivalent one recognised internationally
- Fluent in English and negotiation level in French
- The position requires travel in and possibly outside of Europe.
Élancourt