Duration: 3-month Contract-To-Hire. Must be able to convert full time without Sponsorship.
Location: California. The candidate will be working remotely until January 2021 (or longer) but must be sitting in California prior to the first day of the contract. Upon going on-site, it could be any of these locations: San Ramon, Concord, Fairfield, San Francisco, or Sacramento area (CA).
Intake Call Notes:
- This team is responsible for the operational support of a number of products in the intelligence and event management space. QRadar is one of the bigger products; they also have EnCase and are about to go live with XSOAR.
- Administration support (not being an end-user) of QRadar is required, and knowledge of either EnCase or XSOAR (1 of the 2) is also required.
- Responsible for tool administration (patching, troubleshooting incidents, outages, restarts, agent upgrades, etc…)
- This team is Tier II support.
- No on-call rotation during the contract period, but 24/7 on-call support will be expected upon converting full-time (once every 3 weeks)
The Cybersecurity Product Specialist, Senior will work closely with Managers, Project Managers, team leaders, specialists, security teams, and subject matter experts. This position maintains, analyzes, develops, and delivers Security Intelligence and Event Management solutions. This position will work closely with our Lines of Business and Security Intelligence Operations Center (SIOC) and be responsible for maintaining and maturing our SIEM Operational program. Primary responsibilities consist of the day to day operations and maintenance/support of our Cybersecurity Infrastructure technologies.
This position is responsible for troubleshooting complex problems across multiple Operating Systems (Windows Desktops, Windows Servers, and Linux) and Environments.
- Administrative experience and technical knowledge in Cybersecurity product support such as IBM QRadar, XSOAR, OpenText EnCase
- Experience with Security Information and Event Management products
- Experience in QRadar administration and support
- Achieve positive results with multiple projects/efforts running simultaneously
- Scripting experience for automation
- Familiar with one or more security controls/risk management frameworks (ISO, NIST, etc.)
- Understanding of risk and security controls
- Understanding of network protocols, enterprise architecture, and common network logging functions
- Critical thinking, active listening, and analytical skills with an aptitude for tactical solutions that are forward-thinking
- Solid communication skills and ability to interact with clients
- Skilled at being a team player
- Energizes coworkers and maintains a positive attitude towards the team and the business directions
- Responsible for the Operational management, advanced configuration, monitoring, and reporting of multiple Intelligence and Event Management products
- Respond immediately to security incidents and provide post-incident analysis
- Participate in a 24x7 on-call rotation
- Defend systems against unauthorized access, modification, and/or destruction
- Document and manage Cybersecurity processes, procedures, policies, control documentation, etc.
- Train peer employees in product support, security awareness, protocols and procedures
- Collaborate with stakeholders and partner teams on the planning, implementation, and rollout of cyber programs and solutions
- Partner with the groups within Information/Business Technology and the Security Intelligence Operations Center (SIOC)
- Partner with Cybersecurity, Compliance teams, and other key stakeholders to alert or resolve the detected anomalies
- Facilitates/Leads Root Cause Analysis
- Research and recommend security controls and tools upgrades
- Mentors and trains the support staff and others on the targeted product(s) or service(s)
- Introduce new innovative solutions that enhance the existing capabilities of the product(s) or service(s)
- Develop methods of automation and optimization
- Partner with peers in the accountable planning organization to develop the strategic vision and understand how it applies to the targeted products or services
- Understand the industry's product positioning, the product's key benefits, and the product's targeted users
- Partner closely with the vendor to influence the product's future capabilities
- Work closely with cross-functional teams to troubleshoot and resolve complex operational issues
- Drive conventions and standards (such as usage or configuration) across multiple products to maximize user experience
- Act as third-tier support specialist to other IT professionals for escalated operational issues