Sr. Security Operations Consultant
Hybrid Holyoke, MA preferred, fully remote considered
Contract – 10+ Months
Covid Vaccination required for any onsite employees, with reasonable accommodations considered.
Candidate Requirements – Senior Security Operations Consultant
• 5+ years' experience working in a Cyber Security Operations Center. Experience should include coordinating Cyber Security Incident Response across multiple organizational units.
• Experience developing and maturing SOC processes and procedures
• Splunk Core Certified User, GMON, GCDA, GCIA, GCIH, GDAT, GRID or other industry relevant certifications preferred
• In-depth understanding of operating systems, network architecture, internetworking, protocols, and enterprise services.
• In-depth knowledge of MITRE ATT&CK for threat informed defense
• Capability to script and parse data
• Understanding of threats, vulnerabilities, and exploits in IT/ICS environments and mitigation techniques
• Understanding of IT and ICS network communication protocols: including TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, UDP, DNP3, Modbus, IEC 61850 etc., and accompanying protocol/packet analysis/manipulation tools
• In-depth knowledge of security detection systems (SIEM, NDR, EDR, etc.)
• Preferred: Working knowledge of compliance operations for NERC Critical Infrastructure Protection
• The Senior Security Operations Center Consultant identifies and investigates computer and network intrusions utilizing knowledge of cyber-attack tactics and techniques (CKC, MITRE ATT&CK)
• Escalates and implements Cyber Security Incident Response actions. Acts as incident response coordinator during major incidents
• The Senior Security Operations Center Consultant will drive continuous improvement to SOC analytical processes and procedures (SOP, Play Books)
• Implement Cyber Threat Intelligence analysis, develop and propose/implement active defense actions based on Cyber Threat Intelligence.
• Collaborate with team members to identify opportunities to improve SOC operations, draft recommendations for change and implement approved changes
• Draft/deliver reporting related to security monitoring and incident response activities.
• Support the NERC CIP compliance team in protecting the integrity and confidentiality of Bulk Electric System assets.
• Develop custom scripting as needed to automate analysis and incident response activities.
• Value add: Knowledge of ICS systems and architecture (Purdue Model) and ICS protocols.
Minimum Requirements
• US Citizen or permanent resident required
• BA/BS degree, MS degree a plus, or equivalent work experience
• 5+ years' experience working in a Cyber Security Operations Center. Experience should include coordinating Cyber Security Incident Response across multiple organizational units.
• Splunk Core Certified User, GMON, GCDA, GCIA, GCIH, GDAT, GRID or other industry relevant certifications preferred
POST-OFFER BACKGROUND CHECK IS REQUIRED. Digital Prospectors is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Make this your next career move as one of our many long-term contractors or employees!
- Work as our full-time employee with full benefits (Medical, Dental, Vision, Life, STD, LTD, PTO, etc.) - OR - work as a W2 hourly contractor at a higher pay rate if you don't need the benefit package.
Come see why DPC has achieved:
- 4.9/5 Star Glassdoor rating and the only staffing company (< 1000 employees) to be voted in the national Top 10 ‘Employee’s Choice - Best Places to Work’ by Glassdoor
- Voted ‘Best Staffing Firm to Temp For’ three times by Staffing Industry Analysts as well as a ‘Best Company to Work For’ by Forbes, Fortune and Inc. magazine.