The Security Analyst is responsible for monitoring, investigation, response and support tasks related to the operation of the SunGard AS information security program.
The scope of the position’s responsibilities will primarily be related to SIEM (Security Information and Event Management) system administration, including development of content. It will also include host and network IDS monitoring, maintenance of IDS, vulnerability scanning, threat management and user administration. Forensics experience is desired for investigating security incidents on production networks and managed service offerings.
The Security Analyst should have the necessary expertise and job experience to work effectively with his/her peers in the analysis, maintenance, monitoring and hardening of production network systems and servers.
- Participating in 24x7x365 coverage for intrusion monitoring, incident response, infrastructure maintenance and user administration
- Monitoring and responding to network intrusion and vulnerability alerts raised by automated detection systems, internal & external reports and manual investigation
- Executing incident response procedures and Chief Security Office (CSO) processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating with both internal and external customers and escalating as necessary
- Investigating incident root cause & scope using host and network based forensics when called for by the incident response plan
- Assisting Service Desk and Technical Operations Center (TOC) personnel technically and procedurally with incident handling and security concerns.
- Handling service support requests for Active Directory accounts, two-factor authentication, SSL VPN, and web proxies
- Sharing responsibility for maintaining documentation on all incidents and job related procedures
- Experience in McAfee security products (NSM, NVM, HIDS, etc.)
- Experience with McAfee/Nitro SIEM
- Experience in McAfee ePO a plus
- Experience in RSA SecurID
- Experience with DDoS Mitigation systems a plus
- Experience in Microsoft Active Directory (2003, 2008)
- Deter, identify, monitor and investigate computer and network intrusions.
- Actively profile network traffic to detect patterns indicating possible intrusions from inside or outside corporate networks.
- Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
- Working knowledge of TCP/IP, networking design, and routing architectures.
- Working knowledge of Regular Expressions and SNORT rules
- Working knowledge of methods to provide privacy, integrity, and non-repudiation to network connections.
- Working knowledge of network security systems and protocols including Firewalls, HTTP, FTP, SSH, etc.
- Strong customer service, communication, and teaming skills.
- Minimum 1 year in security operations preferred.
- Minimum of 2 years of Security and/or Network experience required.
- Expertise with Unix & Windows operating systems is required.
- GSEC certification required or ability to obtain within the first 6 months of employment.
- GIAC certification in GCIA, GCIH, GCFA desired.
- Associate's degree in Information Systems, Computer Science, Computer Engineering, or currently enrolled in a degree program expecting to graduate within 12 months.
- Sungard Availability Services offers a high growth environment with excellent compensation and immediate eligibility for our 401(k), health/dental insurance, educational assistance, and more. Sungard AS is an equal opportunity employer. Minority/Female/Disability/Veteran
- Ability to meet the physical demands of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Employment is contingent upon successful completion of the background investigation and pre-employment drug screen.