Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Cloud and Security solutions to create agile, secure infrastructure platforms for middle-market customers. We deliver this technology expertise through a full life cycle model of professional, managed, and support services including strategy, consulting, implementation and design. By taking the time to deeply understand how our clients define success, we help them harness technology advances, simplify IT complexity and optimize their environments today while enabling future applications, user experiences, and revenue models. As of June 30, 2018, we serve approximately 8,000 middle-market, large, and government organizations across a diverse range of industries. Approximately 2,900 Presidio professionals, including more than 1,600 technical engineers, are based in 60+ offices across the United States in a unique, local delivery model combined with the national scale of a $2.8 billion industry leader. We are passionate about driving results for our clients and delivering the highest quality of service in the industry. Presidio is majority owned by affiliates of investment funds managed by affiliates of Apollo Global Management, LLC (NYSE:APO).
Our comprehensive security risk methodology gives customers the ability to safeguard their environments and critical business data. This includes continuous threat protection and risk mitigation through the Presidio Cyber Risk Management program, a next generation approach that integrates security strategy, assessments, architecture and remediation, and aligns all of these with organizational goals.
The Presidio Managed Services Senior Security Analyst is responsible for monitoring, analysis, triage and remediation of security events collected by our Security Information and Event Management (SIEM) platform. You are well-versed in security architecture; have deep knowledge of current and emerging threats; are able to develop risk mitigation strategies required to protect the confidentiality, integrity and availability of information systems and client data; and are proficient at working with internal business units and vendors to resolve issues and develop efficient and effective action plans.
You will monitor the client environment for incidents and malicious activity
You will analyze security events and identify relevant incidents
Utilize service delivery tool set to generate incidents requiring client escalation
Perform packet analysis and analyze network traffic for security events
Generate high quality reports
Coordinate with security SME while providing incident handling and response support
Train, mentor and develop junior security analysts
Work with and provide remediation and improvement recommendations to clients
Contribute to process improvement and efficiency
We seek a Bachelor's Degree in a related field from an accredited school or the equivalent work and/or military experience
We seek a minimum of two of the following security certifications: GIAC-Any, CISSP, CEH, OSCP, CAS-P or other security related certification
You will have 5+ years related experience
You have prior experience with well-known information security related tools such as Wireshark, NMAP, TCPDump
We seek a detailed knowledge of common attack methodologies, tactics and protocols
You possess a strong foundation in networking fundamentals with a deep knowledge of TCP/IP and other core protocols
You are aware of and knowledgeable about common network-based services and common client/server applications
Ability to work in a dynamic 24/7/365 shift environment
Previous experience working in a Managed Services Security Provider (MSSP) is preferred
We seek experience with enterprise level security incident/event management tools such as Intel Security ESM, HP ArcSight or IBM QRadar, LogRhythm
Prior experience with vulnerability scanning tools such as Nessus or Security Center
You bring 1 year of experience utilizing SIEM platforms
You have 3+ years' experience maintaining, utilizing, and troubleshooting Cisco ASA/PIX Platforms
3+ years' experience maintaining, utilizing, and troubleshooting HP TippingPoint, SourceFire, or Cisco IDS/IPS Platforms
3+ years' experience maintaining, utilizing, and troubleshooting Palo Alto Platforms
3+ years' experience maintaining, utilizing, and troubleshooting Cisco IronPort
3+ years' experience maintaining, utilizing, and troubleshooting FireEye Product line
You possess excellent communications and interpersonal skills
You have a successful track record of being self-motivated to learn and thrive on challenges
To read more about employment discrimination protections under federal law, please visit: https://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf
If you have any difficulty using our online system and need an accommodation in the job application process due to a disability, please send an email to email@example.com for assistance.
Presidio, Inc. is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to firstname.lastname@example.org
RECRUITMENT AGENCIES PLEASE NOTE: Presidio has a strict PSL in place and will only accept applications from agencies/business partners that have been invited to work on this role through the Presidio portal. Candidate Resumes/CV's not submitted through the Presidio portal or submitted directly to Hiring Managers will be considered unsolicited and will be treated as gifts and no fee will be payable. Thank you for your cooperation.