*** This position is based in San Diego, CA (We will provide relocation assistance, if necessary) ***
- Monitor client networks for signs of adversarial activity
- Respond to alerts from various monitoring systems and platforms
- Triage potentially malicious events to determine severity and criticality of the event
- Analyze network traffic using a variety of analysis tools in support of service objectives
- Monitor security appliance health and perform basic troubleshooting of security devices; notify security engineering as necessary for malfunctioning equipment
- Analyze malicious artifacts obtained from network monitoring with a focus on generation of threat intelligence and service improvement
- Identify, develop, and implement new detections and mitigations across the services platforms
- Communicate and collaborate with the analyst team for situational awareness
- Follow detailed processes and procedures to analyze and escalate critical information security incidents; these procedures vary from customer to customer
- Apply structured analytical methodologies to maximize threat intelligence growth and service efficacy
- Directly contribute to the continued technical enhancement of the services platforms, analysis tradecraft, and development of team skills and expertise
- Contribute to the continued evolution of services capabilities and processes
Desired Skills and Experience:
- 2+ years of technical experience supporting enterprise-scale Computer Network Defense (CND), monitoring, analysis, or threat intelligence missions OR 3+ years of experience with computer network administration
- Hands-on experience with log collection and analysis, network and host monitoring platforms, and various analysis tools including McAfee ESM, HP ArcSight, IBM QRadar, Splunk, Symantec Security Analytics, Wireshark, Vortex, Suricata or Snort, LaikaBOSS, Bro, or others
- Experience analyzing logs for indicators of compromise, collected from various network monitoring devices such as firewalls, IDS/IPS, web proxies, email filters, etc.
- Experience applying structured analytical frameworks, e.g. LM Cyber Kill Chain®, The Diamond Model, LM Intelligence Driven Defense®, Pyramid of Pain, etc.
- Experience defining and refining operational procedures, workflows, and processes to support the analyst team in consistent, quality execution of the defensive mission
- Strong written and verbal communication skills, proven ability to communicate technical topics to diverse audiences
- Functional knowledge of at least one scripting language (Python, Perl, bash, etc.)
- Familiarity with Linux CLI tools (awk, sed, jq, etc.)
Required Education/Training:
- Technical 2-year degree (Computer Science, Information Security, Information Technology, IT Management)
- CompTIA Network+/Security+ or CEH or GIAC GSEC
- Technical 4-year degree (Computer Science, Information Security, Information Technology, IT Management)
- Intermediate or Advanced information security certifications (CompTIA CSA+; GIAC GCIH, GCIA, GMON, or GSE)
Candidates should be flexible and willing to work across this delivery landscape, which includes, but is not limited to, Agile Applications Development, Support and Deployment.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.
Click the following link for more information on your rights as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law
A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2017 global revenues of EUR 12.8 billion (about $14.4 billion USD at 2017 average rate).
Visit us at www.capgemini.com. People matter, results count.