A Dallas-based, privately held energy company with a portfolio of competitive and regulated energy companies is looking for a Security Operations Center Analyst.

The Security Operations Center (SOC) delivers effective information security event analysis and incident detection and response for the Company. The mission of the SOC is to play a leading role in the Company’s efforts to protect its information systems against unauthorized use and insure availability. In this role, the SOC Analyst will provide incident response services to the Company. These services include investigating complex network transactions and data analysis tasks in order to identify computer attacks and probes as they occur.  The SOC is responsible for all technical aspects of intrusion detection, new incidents, documentation, analytical investigation, problem closure and future security threat countermeasures. The SOC Analyst will also complete projects and tasks on an as needed basis, and interact directly with the Company’s technical and business units.

Job Responsibilities:

• Analyze and review escalated cases until closure. This includes investigating and recommending appropriate corrective actions for data security incidents.
• Utilize SIEM and other tools to assist in network investigations.
• Work with MSSP to investigate network incidents and events
• Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious   activity.
• Research, develop, and stay current on testing tools, techniques, and process improvements in support of security event detection and incident response.
• Reverse engineer and analyze binaries, files, and other malicious attack artifacts.
• Communicate and interact directly with other staff to ensure individual and group performance.
• Maintain understanding of company, department, and applicable energy regulations, policies and procedures.

Qualifications:

• Thorough understanding and experience with, TCP/IP.
• Understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems.
• Knowledge of encryption, load balancing, and other network protocols.
• Ability to work on weekends and after-hours as necessary, especially during security incidents and emergencies.
• Administrator or security support on multiple platforms, operating systems, software, communications and network protocols. 
• A minimum  three years experience working in IT security, preferably in a 24x7 operational environment
• Working knowledge of Microsoft Office products, including Visio and Project.
• Excellent communication skills, analytical ability, strong judgment and the ability to work effectively with IT management and staff.
• Ability to communicate technical issues to technical and non-technical staff and management.
• Self driven desire to research current information security trends, tools and vulnerabilities.
• NITRO, Qualys and TippingPoint  experience  a plus
• Experience writing Python, Perl, bash or other scripting a plus.
• Hands on operational experience with log and system analysis
• System administration experience a plus
• Database, SQL knowledge is a plus.
• GIAC Certified Incident Handler (GCIH) or Certified Ethical Hacker certifications a plus.
• Strong administrator knowledge – Unix & Windows; knows how the domain, active directory, and group policy works

Heavy emphasis on:

• SIEM and antivirus
• Endpoint devices – knowledge & experience analyzing log files
• Scripting & language skills (Python, Perl, Bash, etc.)
• Analysis of network packets
• TCP/IP knowledge

·      There are 10 openings for this position

·      This position starts out as a 6 month contract position with a high degree of likelihood to go perm.

·      $55.00-$65.00 per hour

·      All shifts available

Requires Bachelor in Computer Science Degree or related field

Please send resume in a Microsoft Word (.doc) format to Augustine at [email protected]