The SOC Endpoint Engineer is key member of a 24x7 team of security experts providing security platform management and operations for global fortune 500 clients. The SOC Endpoint Engineer will help deliver the Optiv vision of redefining traditional SOC operations using automation, orchestration and analytics.
The SOC Endpoint Engineer’s role is to provide streamlined platform management and security operations primarily for solutions that align with the following categories: Endpoint Prevention, Endpoint Detection & Response, and Mobile Security.
In addition, the SOC Systems Engineer believes and lives the Next Generation SOC guiding principles:
- Deliver quality security outcomes
- Drive efficient and timely operations
- Actualize continual improvement and innovation
- Protect the customer
Primary Duties and Responsibilities
- Actively participate in a 24x7 delivery team, which may include on-call and weekend work.
- Manage assigned security platforms, following clients procedures if required, which includes:
• Device health and availability monitoring
• Device health incident resolution and escalation
• Configuration changes and request processing
• Device tuning and patching
• Major upgrade and enhancements review
• Hardware replacement management
• License management
- Create and maintain operational documentation required for technology management processes or to maintain device health.
- Complete assigned projects on time and with excellent quality.
- Be a thought leader in security engineering and operations delivery - driving automation, analytics, and advanced threat analysis.
- Continually improving delivery processes in order to drive operational excellence.
- Make recommendations for the improvement and growth of the Next Generation infrastructure and systems.
- Participate in quarterly business reviews with vendors and customers.
- Keep current with the latest vendor updates, expansion opportunities, and technology directions for all assigned platforms.
- Practice continual self-improvement thru education, training, and certification.
- Document time spent on each client daily.
- Other duties as assigned.
- Bachelor’s Degree from four-year college or university in Information Technology, Information Security/Assurance, Engineering or similar area of study; at least 5 years related experience and/or training; or equivalent combination of education and experiencepreferred.
- Demonstrated understanding of Information Security and Networking required.
- Demonstrated technical knowledge of current networksecurity, network hardware, protocols, and standards required.
- Proven ability to diagnose and troubleshoot technical issues required
- Proven ability to make decisions and perform complex problem-solving activities under pressure.
- Previous management and project leadership experiencerequired.
- Experience with one or more of the following security platforms, and a willingness to learn all of them:
- McAfee Endpoint Protection
- McAfee Endpoint Threat Defense & Response
- Symantec Endpoint Protection
- Symantec Data Loss Prevention
- Symantec Email Security.cloud (MessageLabs)
- 5+ years Security Engineering or Information Securityexperience.
- 5+ years networking experience.
- At least one certification in Security including Security+, GSEC, GCIA, GCIH, CISSP, CISM or othersecurity-specific vendor/product certifications.
- Certification in platforms listed under Required Skills, such as Symantec Certified Specialist (SCS).