ObjectWin Technology
Cyber Security Analyst (1912202067)
Pay: $55.00 / hour
Location: Augusta/Georgia
Employment type: Full-Time
Job Description
- Req#: 18-05392
Position Description
***This job req is subject to overtime discounts (0.95x exempt; 1.35x non-exempt) and a 10% discount after six months of service***
Bill Rate: $55.00/hr (Do not exceed this rate!)
Minimum Pay Rate: $39.86/hr
Positions: 8
Location: Augusta, GA
Duration: 3 months, C2H for high performers.
U.S. Citizenship Required?: Yes – Must note at the top of the resume!
End Clients: GTA, SoK, VITA
Background: Additional background screens with the State will be required (fingerprinting – covers anything after 18 years old); the State will work directly with the new hire on these screens and Pinnacle/supplier will not be involved
Travel: Not to be expected; 0-10% (cost covered by Client if it does occur)
Interview Process: 1st phone, 2nd in-person; likely a decision to be made at this point, but a final 3rd interview (in-person) is a possibility
Schedule: 24x7 Security Operations Center – The first month will be day shift for training. After that, the schedules will be split into 1st, 2nd, and 3rd shifts (the manager provided a draft schedule for us below). ALL of the candidates’ shift preferences and availability MUST be listed at the top of the resume (in order of preference; priority on top)
*The manager only cares about coverage, so if later on down the assignment the contractors want to make agreements with others to switch shifts occasionally that is fine – as long as there is coverage and supervisors/managers are kept in the loop.
SHIFT
SUN
MON
TUE
WED
THUR
FRI
SAT
1st Shift
Operator 1
TBD
6:00-4:00
6:00-4:00
6:00-4:00
6:00-4:00
Operator 2
Covered
8:00-6:00
8:00-6:00
8:00-6:00
8:00-6:00
Operator 3
TBD
8:00-6:00
8:00-6:00
8:00-6:00
8:00-6:00
Operator 4
TBD
6:00-4:00
6:00-4:00
6:00-4:00
6:00-4:00
Operator 5
TBD
8:00-6:00
8:00-6:00
8:00-6:00
8:00-6:00
Operator 6
TBD
8:00-6:00
8:00-6:00
8:00-6:00
8:00-6:00
Operator 7
Covered
8:00-5:00
8:00-5:00
8:00-5:00
8:00-5:00
8:00-5:00
Operator 8
Covered
8:00-5:00
8:00-5:00
8:00-5:00
8:00-5:00
8:00-5:00
2nd Shift
Operator 9
Covered
2:00-12:00
2:00-12:00
2:00-12:00
2:00-12:00
Operator 10
TBD
4:00-2:00
4:00-2:00
4:00-2:00
4:00-2:00
Operator 11
Covered
2:00-12:00
2:00-12:00
2:00-12:00
2:00-12:00
Operator 12
TBD
4:00-2:00
4:00-2:00
4:00-2:00
4:00-2:00
Operator 13
TBD
4:00-12:00
4:00-12:00
4:00-12:00
4:00-12:00
4:00-12:00
3rd Shift
Operator 14
TBD
10:00-8:00
10:00-8:00
10:00-8:00
10:00-8:00
Operator 15
TBD
12:00-10:00
12:00-10:00
12:00-10:00
12:00-10:00
Operator 16
TBD
10:00-8:00
10:00-8:00
10:00-8:00
10:00-8:00
Operator 17
TBD
12:00-10:00
12:00-10:00
12:00-10:00
12:00-10:00
Top Skills Set The Manager is Looking for:
· SIEM knowledge (preferably LogRhythm, but not required)
· Identity and Access Management knowledge (Preferably Okta, but not required)
· Advanced Endpoint Protection knowledge (Preferably Cylance or Carbon Black)
· Firewall/Networking knowledge (Palo Alto, Cisco, Checkpoint and/or Fortinet)
Overview: To provide high quality security device management and support services to Managed Security Service customers. This can include (but is not limited to) Firewall, IDS/IPS, VPN Concentrator, VM/Scanning Systems and SIEM in either a leveraged or dedicated delivery team model.
Key Job Responsibilities
• Working incidents based on standard service measures.
• Provide technical support to customers across the managed service portfolio.
• Responding to device alerts through in-house proactive alerting system.
• Support customers on-site and/or remotely by phone and email.
• Liaise with vendors to support customer devices and environments.
• Attending technical training to retain skill levels across portfolio.
Qualifications
• Technical certification in at least 1 security or network product set
Required Skills
• 2 years related experience
• An understanding of networking technologies
• Experience in a Support environment
• Experience of working within a team environment
• Excellent customer service skills
• Pro-active attitude to troubleshooting support issues
• Evidence of trouble-shooting skills
• Experience working with packet captures/tcp dumps
• Knowledge of the different security platforms available, with experience of configuring/managing at least one of the following:
- Checkpoint firewall
- Juniper Netscreen/SRX firewall
- CISCO PIX/ASA firewall
- Bluecoat Proxy
- F5 load balancer
Beneficial Skills
• Knowledge of Checkpoint, F5, Bluecoat, McAfee and Juniper Products
• Familiarity with SIEM, IPS/IDS and VPN Technologies and Authentication Software
• Familiarity with Microsoft and Citrix servers.
• Familiarity with ITSM/ ticketing systems.
Job Responsibilities:
The primary function of this role is to participate as a mid-level member of a 24x7 Security Operations Center (SOC) team, delivering the required actions as described within agreed guidelines and following standard procedures to maintain, manage and report on the security event management and infrastructure events of our clients.
* Applying knowledge of a client's security policies and procedures to detect, analyze and prevent both internal and external security breaches using SIEM and other security event monitoring tools
* Research and document appropriate information to support escalations of complex security issues to Senior Analysts or appropriate engineers
* Actively monitor the SIEM/security monitoring tools in order to identify anomalies and other events not automatically detected
* Develop basic SIEM/security monitoring tool event filters
* Lead or assist rule development activities needed to increase detection efficiencies and help in the prevention of malicious attacks
* Provide vulnerability assessment analysis to clients/accounts based on scanning technology output.
* Experience in networking, operational security management and telecommunications;
* At least 4 years' experience in a security analyst/administrator role in a complex environment;
* Extensive knowledge of security products and network topology;
* Extensive knowledge of TCP/IP and other protocols;
* In-depth knowledge of current Internet security attacks and prevention.
* Experience in security analysis tools such as ArcSight, LogRhythm, QRadar, etc.
* Strong knowledge of leading enterprise commercial firewall technologies (certifications preferred);
* Strong knowledge of structured intrusion detection, tracking and analysis using industry leading commercial technologies (certification preferred);
* Specific knowledge of Windows security issues;
* Specific knowledge of Unix security issues;
* Excellent English communication skills, both verbal and written. Other language skills are an advantage;
Preferable Certification: CPT, CEPT, ECSA, GCIH (SANS), GCIA (SANS)
About the company
ObjectWin provides global workforce solutions to meet current and future business demands of our customers.