- Entry level
- No Education
- Salary to negotiate
What you’ll be doing...
For more than a decade, Verizon has been refining our security monitoring expertise with nine Security Operations Centers and five Network Operations Centers around the globe. Our Research, Investigations, Solutions and Knowledge (RISK) Team has analyzed hundreds of thousands of incidents and more than 6,000 confirmed data breaches, giving us the experience and cyber intelligence to spot threats against our customers' environment before they do damage.
In this critical role, you’ll handle day-to-day triage, investigation, and mitigation of security threats, as well as short-notice ad hoc work, and see them through to completion as a part of our Government Network Operations and Security Center (GNOSC). You’ll provide critical value to the RSA Security Analytics management service, leveraging their extensive knowledge to provide context about security events. Providing recommendations for remediation actions and suggestions for implementing best practices, you’ll improve standard processes and procedures. And you’ll play a key role in helping us protect our business and our customers.
You will support the 24x7 Floor Operations / Service Desk function for our managed security service customers. You will initiate and work incident management tickets and respond to trouble calls/emails from customers. Job functions include security incident handling (60%), change management (10-20%), and device and health monitoring as well as systems maintenance (10-20%). The position is full time – eight hours per day, 5 days per week. The possible shifts are 3pm-11pm Sunday - Thursday or 3pm-11pm Tuesday - Saturday. The position is located in our Cary, NC office.
Performing active real-time security monitoring. You are often the first to see an issue, or the issue may have been escalated from another team/management.
Security incident handling involves investigating issues to determine if there is a real security incident or a false positive, notifying customers as needed, and sending customers standardized emails specifying the steps they need to take to fix the problems. Typical systems involved include Splunk/customized SIEMs, customer portals/Remedy ticketing.
Conducting advanced security event detection and threat analysis for complex and/or escalated security events
Providing log/network/malware/device analysis and making recommendations for remediation of security vulnerability conditions
Process change requests relating to security devices such as firewalls, IP and URL Blocks, rules updates, intrusion detection systems and RSA SecurID servers through the change management process
Device and health monitoring including troubleshooting network connectivity problems concerning managed security devices, often working with Advanced Support Team engineers and/or vendors/partner technology teams on device replacement/reconfiguration
Prepare Shift turnover and Shift Report to ensure smooth, continuous workflows between shifts
Developing internal and external documentation, such as detailed procedures, playbooks, and operational metrics reports
Coordinating with Senior Analysts and/or Duty Manager for high priority incidents
What we’re looking for...
You'll need to have:
Associate's degree or two or more years of work experience.
Three or more years of relevant work experience as a security analyst triaging, investigating, and solving network security incidents
Experience with security incident monitoring and threat investigations
Have, or be able to qualify for, a government security clearance at the Secret level
The ability and flexibility to work all available shifts in a 24x7 operation
Even better if you have:
At least one active security certification such as SANS or other Security industry certifications such as GCIA, GCIH, GREM, or GPEN
ITIL Foundations training / certification
Experience with packet capture/payload analysis
Strong understanding of attack vectors and how systems are compromised
Hands-on experience with technical tools and platforms such as: Splunk or ArcSight, FireEye, NetIQ, Squert, Moloch, ELSA, Security Onion, Cisco ASA, JunOS, Fortinet, SourceFire, Checkpoint, Tripwire, Bluecoat Proxy
Understanding of networking protocols such as IPVPN, TCP/IP, UDP, IPSec, and endpoints
Understanding of IPv4 and good understanding of DNS, NTP, Firewalls, ACLs
Understanding of databases and Windows processes
About the company
For more than 100 years, Verizon has been at the center of the communications revolution.
Verizon is one of the largest communication technology companies in the world.
We help people, businesses and things communicate better.
The digital world promises consumers a better, more connected life, and we’re the ones delivering it. We make it possible for people to stay in touch and businesses to connect with their customers. We’re also bringing technology and hands-on learning opportunities directly to kids who need it most. Our goal is to inspire tomorrow’s creators to use technology to build brighter futures for themselves, their families and the world.