Job description
Description:
Business Operational Concepts (BOC) is a recognized leader in providing Technical and Program Management Services, Information Technology, and Support.
BOC has enabled their Government and Commercial clients to achieve their organizational initiatives through the application of high quality, innovative, and cost–effective professional services and solutions. We provide a positive working environment, with opportunities for advancement in our growing Federal sector workforce.
We offer an excellent compensation package which includes a generous salary, insurance (medical, dental, etc.), paid leave, 401k plan and more. We are committed to the diversity we bring to the marketplace and believe customer satisfaction comes first.
JOB SUMMARY:
Business Operational Concepts (BOC) is currently seeking a Cyber Security Engineering (SIEM/SOAR) to work with our government client. Cyber Security Engineer will be responsible for ensuring proper implementations of Cloud Security best practices and design patterns. They will work extensively with the multiple business units for log ingestion, data enrichment, and automation via the SIEM/SOAR platform. They will also support the Security Operations Center (SOC) for advanced SIEM queries and analytic alerts.
DUTIES AND RESPONSIBILITIES:
In course of regular job duties, the selected candidate will gain exposure to many different enterprise–grade security technologies, which perform critical functions such as vulnerability scanning, malware detection, network intrusion prevention, firewall blocking, enterprise–wide incident response, and security information and event management (SIEM). Some examples of the 20+ cutting–edge security technologies that the selected candidate will work with are: SentinelOne, Palo Alto firewalls, Microsoft Security Suite, and CyberArk.
Requirements:
QUALIFICATIONS:
Required (Minimum) Qualifications Education, Certification, Experience, and Skills
2+ years' experience as a Security Engineer or SOC Analyst
2+ years of SIEM/SOAR Engineering Experience
Any of the following professional certification are desired, but not required:
CompTIA Network+
CompTIA Security+
Azure certs (AZ–500, AZ–700, AZ–305)
Any DOD IAT Level 1 Certification
Proficiency of SIEM technologies and operations
Experience using a SIEM Platform such as
Microsoft Sentinel
RSA Netwitness
Splunk
Excellent analytical and problem–solving skills
Ability to work independently to solve complex problems with minimal oversight
Excellent communications skills
Ability to communicate effectively to senior management and federal client staff
Business writing skills
Ability to collaborate effectively with peer
Knowledge, Skills, Abilities, and Other Characteristics
Experience with SOAR platforms
Familiarity with programming and scripting languages (Python, Powershell, Bash).
Strong experience with cloud security, cloud provider ecosystems (Amazon AWS/Microsoft Azure/Google Cloud Platform) & migrating Enterprise from traditional data center Infrastructure, Application and Data designs to hybrid or fully–cloud enabled practices.
Familiarity with various log ingestion methodologies into a SIEM environment.
Familiar with automated development lifecycles and pipelines (DevOps, DevSecOps)
Project management experience with Agile (Kanban/Scrum)
Experience with cloud security strategy, cloud provider ecosystems (Amazon AWS/Microsoft Azure)
Knowledge of cloud networking architecture, cloud operations, security, automation, and orchestration.
Experience\knowledge of Microsoft security tools (Sentinel, Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, etc)
Experience with Log Analytics, KQL queries, Government logging requirements
Possess clear understanding of security protocols and standards and have experience with security architecture.
Demonstrate an ability to bridge technology knowledge gaps between IT staff and corporate staff such as Legal, Compliance and Audit organizations.
Experience with Linux/UNIX Windows Servers, MS SQL, Oracle, MySQL, MongoDB.
Experience understanding protocols, such as, SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S, NFS, SNMP and DNS.
Experience in networking concepts and services, such as, VPNs, IPsec, PKI and TCP/IP.
Experience in various reporting tools such as PowerBI and Power Automate