Network Security Analyst

Job Description

CANDIDATE SKILLS AND QUALIFICATIONS

Minimum Requirements :

Candidates that do not meet or exceed the minimum stated requirements (skills / experience) will be displayed to customers but may not be chosen for this opportunity.

Years

Required / Preferred

Experience

Required

Evaluate and review existing SIEM platform capabilities to determine current system state. Aspects include benchmarking of in use hardware, storage and virtualization features, evaluating overall system performance, investigating log and packet ingestion

Required

Design, prepare, and present supporting documentation such as status reports, upgrade / optimization suggestions, project plans, briefings, and presentations, to present to audiences such as CSOC Engineering Team Members.

Required

Use experience, research, documentation, meetings, and collaboration to understand the HHSC CSOC’s SIEM operations, strategic objectives, processes, issues, challenges, and opportunities for improvement.

Required

Interact extensively with HHSC internal organizational stakeholders, including CSOC Team, CSOC Team Leads and CSOC Management, Internal and Perimeter network teams, Application and Database administrators and developers.

Required

Fulfill basic CSOC SIEM project management duties to ensure the successful completion of CSOC short-term engagements with vendors and support organizations, to include creation of project plans and change tickets, communications management with team.

Required

Perform review and editing on existing HHSC CSOC SIEM documentation to include checks for relevance, completeness format, clarity, and overall cohesiveness.

Manage updates as architecture(s) evolve and change and make revisions to technical literature.

Preferred

Experience with RSA Netwitness SIEM Platform to include evaluation and selection of supporting hardware, installation, configuration and maintenance of SIEM system components such as servers and / or virtual machines and SIEM configuration and maintenance.

Preferred

Perform steady state operation, tuning, optimization and support for RSA Netwitness SIEM platforms, using tools to include the Health and Wellness features and service status features within Netwitness.

Preferred

Use research, team meetings, collaboration with other functional groups, understanding of the HHSC organization’s strategic objectives and candidate’s past experience with RSA Netwitness to determine a long term roadmap for the HHSC CSOC SIEM.

Preferred

Perform frequent meetings with relevant software and other technical vendors such as RSA Netwitness and Dell to include feedback on current RSA Netwitness SIEM usage, performance and utilization, incorporating vendor roadmaps into the overall SIEM strat.

Preferred

Troubleshoot, research and resolve systemic issues in the RSA Newitness SIEM system and supporting software and hardware, providing short, medium and long term solutions to improve and maintain desired performance levels.

Preferred

Assist in data parsing and normalization in RSA Netwitness SIEM platform on data streams both existing and new, leveraging advanced knowledge of regular expressions and other programmatical tools such as scripting languages like Python and / or Perl.

Preferred

Netwitness XDR Specialist Administration certification