Job Details

ID #12092937
State Hawaii
City Oahu
Job type Permanent
Salary USD TBD TBD
Source World Wide Technology
Showed 2021-04-10
Date 2021-04-09
Deadline 2021-06-08
Category Security

Security Operations Center Analyst

Hawaii, Oahu, 96786 Oahu USA

Vacancy expired!

World Wide Technology (WWT) is a global systems integrator and supply chain solutions provider that brings an innovative and proven approach to how organizations around the world evaluate, architect, and implement technology.

Based in St. Louis, WWT works closely with industry leaders such as Cisco, HP, EMC, NetApp, VCE, F5, and VMware, focusing on three market segments: Fortune 500 companies, Service Providers, and the Federal Government. WWT employs over 4,200 people and operates more than 1.5 million square feet of state-of-the-art warehousing, distribution, and integration space strategically located throughout the U.S. WWT is proud to announce that it has been named on the FORTUNE "100 Best Places to Work For®" list for the past six years.

The WWT Information Security (InfoSec) team is currently searching for an intermediate level Security Operations Center Analyst to join the Security Operations Team. As a member of the team, you will be responsible for identifying and investigating security events, developing detection and response plans, collaborating with the Threat and Vulnerability Management team to mitigate active threats, and engaging with senior team members to build your incident handling skills. This position's duty hours are primarily 3 PM to 12 AM US Central Time Zone (GMT -6).

Responsibilities (includes but is not limited to):

• Detect and triage security events from endpoint, network, and cloud services to identify active threats to WWT information systems.

• Actively investigate, contain, and document cyber security incidents from initial detection through final resolution.

• Interpret file behavioral analysis reports to determine the potential impact of the threat and identify indicators of compromise.

• Identify the root cause of cyber security incidents and brief the WWT Threat and Vulnerability Management team of findings, including new threat actors and control deficiencies.

• Develop security threat intelligence relevant to WWT and use this information to hunt for active threats within the organization's information systems.

• Update the configuration of security tools and services, such as anti-malware lists and proxy block and allow lists, to mitigate emerging threats and adapt to business needs.

• Brief CSIRT leadership on active investigations and escalate incidents based on defined threat and priority criteria.

• Hunt for existing and new threats within WWT networks and endpoints.

Requirements and Skills:

• Bachelor's Degree (or equivalent) in Computer Science, Information Technology, Cyber Security, or related discipline.

• Information Security Certification preferred (GCIH, CySA+, CEH, etc.)

• Experience with the following technologies: SIEM, EPP/EDR, IDS/IPS, DLP, and SOAR

• Experience with Bash, Python, or PowerShell highly desired

• Knowledge of core network services and applications including TCP/IP, DNS, SMTP, VoIP, and HTTP.

• Knowledge of incident response and handling methodologies.

• Knowledge of general attack stages, attacker Techniques, Tactics, and Procedures (TTPs), and defense models.

• Excellent verbal and written communication skills.

• Enthusiasm for learning.

Equal Opportunity Employer Minorities/Women/Veterans/Differently abled
