Tier Two Support Analyst to be a part of the Network Operations Center (NOC) that will provide 24x7x365 support of the technology infrastructure that enables global incident response operations, analysis and coordination, and forensics.
Experience with Palo Alto is a must.
* Provide Tier-2 advanced troubleshooting and support for Sony's Global Security Incident Response Team (GSIRT) systems and infrastructure including: SIEM, network, security, malware detection, IDS/IPS, and forensics systems and related detection, monitoring, reporting, and support solutions is a must.
* Act as escalation point for any Tier-1 incidents that require advanced troubleshooting.
* Respond quickly to issues for critical inline systems by enabling bypass capabilities and proactively initiate remediation procedures to restore full operational capabilities.
* Configure and onboard GSIRT systems as directed by the GSIRT Operations team.
* Support access control of GSIRT systems.
* Perform and lead system patches and updates, coordinate change request notifications and attend CAB meetings with Sony operating companies.
* Collaborate with GSIRT Operations team and/or external entities to ensure the ongoing, reliable performance of integrated security solutions across the Sony operating companies.
* Support, escalate, and document system outages to the GSIRT Operations team.
* Provide advanced monitoring capabilities including, but not limited to, identifying dropped packets, high traffic volume, lost data feeds, and developing new monitoring indicators.
* Create and provide feedback to the GSIRT Operations team about improvements to playbook content, processes, and procedures.
* Coordinate with the GSIRT Operations team to troubleshoot and help remediate incidents and system issues.
* Take ownership of the assigned work shift. Ensure Tier-1 NOC analysts are following predefined notification procedures and playbook.
* Help mentor, lead and train Tier-1 NOC analysts.
* Administer and lead the GSIRT vulnerability management program to ensure vulnerabilities are remediated.
* Evaluate and improve on operational process, procedure manuals, and documentation.
* Compile and publish daily, weekly, and monthly reports as requested by the GSIRT Operations team.
Previous work or internship experience required within the following areas: information security, network/data center operations, or system administration.
* Working knowledge of networking technology and protocols.
* Experience with the following security systems or equivalent is a plus.
o McAfee: Nitro, ePO
o Palo Alto: Next-Generation Firewalls
o Trend Micro: TippingPoint
o FireEye: EX, NX, HX, AX, CMS
o Blue Coat Proxy
* Hands-on experience in troubleshooting network/security devices.
* Hands-on experience with Windows and/or Linux operating systems as an administrative user is a plus.
* Ability to work on multiple programs simultaneously, with strong ability to prioritize multiple tasks and respond to emergencies, organize and schedule work effectively.
* Industry certifications are a plus:
o CompTIA - N+, Security+, Linux+
o Microsoft - MTA, MCSA, MCSE
o Cisco - CCNA, CCNP
o GIAC - GSEC, GCIA, GISF, GPPA, GCWN, GCED, GISP, GCUX, GCCC
o Palo Alto
* Ability to effectively communicate in a professional environment with executive level and junior personnel.
* Experience leading small teams.
* Ability to work and make objective decisions independently.
* Strong command of the English language, both spoken and written.