OneIT - SOC Analyst

New York City, United States

Applications have closed

WSP is a global consulting firm assisting public and private clients to plan, develop, design, construct, operate and maintain thousands of critical infrastructure projects around the world.  

Position Summary

Under the guidance of the Manager SOC Tools, contribute to a team of technical experts that maintain and operate the security tools of the SOC. Provide metrics and governance over security tools, work on deployments and scheduling of updates, policy changes, etc. Collaborate on Blue team activities.

Specific areas of responsibility may fall into any one of the following areas of Security Operations, as assigned by the staff’s management.

  • Security Analysis
  • Threat and Vulnerability Management
  • Network, Database, Server and Endpoint, and Application Security
  • Antivirus and Antimalware analysis
  • Event Analysis
  • Privileged access management


The Analyst of SOC Tools and Ops will have multiple security related roles within the organization. Their main goal will be to provide a secure computing environment for the organization to conduct their business. The global security operations team will have overlapping duties however each role will have more specifically focused duties. As such, the role and essential duties will fit into the below classifications most closely.

  • Providing documentation and a working toolset for the IR Team and working with major incident teams to escalate problems and provide resolutions.  
  • Incident Management Process and Forensics – assist in providing forensic capabilities for the incident management process when needed. Monitor and manage infrastructure logging for security, including perimeter network devices, malware prevention, and intrusion prevention.  
  • Definition and implementation of controls - Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems. Develops and validates baseline security configurations for operating systems, applications, and networking and telecommunications equipment.  
  • Endpoint Protection Strategy – Formulate the companies’ Endpoint protection strategy, including but not exclusive to malware, host intrusion, encryption, browser protection and hardware level security controls.  
  • Network infrastructure security – responsible for determining and maintaining the technical standards for configurations of routers, switches, firewalls, IPS and IDS devices.  
  • Develop positive working relationships with other team members and business partners and partner across teams to align with WSPs internal and external client demands  
  • Finance/Budgetary Responsibilities  
  • Support the Manager SOC Tools in developing the budget projections based on short-and long-term goals and objectives.

Minimum Qualifications 

  • 5-+ years related experience in information security, risk, compliance, or similar position
  • Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering or related field
  • Knowledge of security technologies (encryption, data protection, network intrusion prevention, host intrusion prevention, firewalls, privilege access, etc.)
  • Knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, DES, LAN/WAN, and TCP/IP
  • Knowledge of security best practices with relation to applications, network and client setups
  • Experience with IT Governance frameworks such as COBIT, ITIL and ISO 2700x, NIST
  • Experience with governance, compliance and audit within IT environments
  • Experience of risk management, including risk analysis, mitigation and monitoring
  • Knowledge of information security regulations applicable to WSP

Preferred Qualifications

  • Master's degree in Information Technology, Computer Science, Engineering or related field
  • Certification in Information Security (CISSP, ISC, or CISM) practices and policies 

WSP Benefits

WSP provides a comprehensive suite of benefits focused on a providing health and financial stability throughout the employee’s career. These benefits include coverage related to medical, dental, vision, disability, and life; retirement savings; paid sick leave; paid vacation (or other personal time); paid parental leave; and paid time off for purposes of bereavement, voting, and/or attendance at naturalization proceedings. 


Compensation
Expected Salary (all locations): $75,000-$125,000
WSP USA is providing the compensation range that the company in good faith believes it might pay and offer for this position, based on the successful applicant’s education, experience, knowledge, skills, abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.

Expected Salary (Colorado only): $80,000-$110,000

WSP USA is providing the compensation range that the company in good faith believes it might pay and/or offer for this position within the state of Colorado, based on the successful applicant’s education, experience, knowledge, skills, and abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.
 

About WSP

WSP USA is the U.S. operating company of WSP, one of the world's leading engineering and professional services firms. Dedicated to serving local communities, we are engineers, planners, technical experts, strategic advisors and construction management professionals. WSP USA designs lasting solutions in the buildings, transportation, energy, water and environment markets. With more than 15,000 employees in over 300 offices across the U.S., we partner with our clients to help communities prosper.

www.wsp.com

WSP provides a flexible and agile workplace model while meeting client needs. Employees are also afforded a comprehensive suite of benefits including medical, dental, vision, disability, life, and retirement savings focused on providing health and financial stability throughout the employee’s career.

At WSP, we want to give our employees the challenges they seek to grow their careers and knowledge base. Your daily contributions to your team will be essential in meeting client objectives, goals and challenges. Are you ready to get started?

WSP USA (and all of its U.S. companies) is an Equal Opportunity Employer Race/Age/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Disability or Protected Veteran Status.

The selected candidate must be authorized to work in the United States.

NOTICE TO THIRD PARTY AGENCIES:

WSP does not accept unsolicited resumes from recruiters, employment agencies, or other staffing services. Unsolicited resumes include any resume or hiring document sent to WSP in the absence of a signed Service Agreement where WSP has expressly requested recruitment/staffing services specific to the position at hand.  Any unsolicited resumes, including those submitted to hiring managers or other business leaders, will become the property of WSP and WSP will have the right to hire that candidate without reservation – no fee or other compensation will be owed or paid to the recruiter, employment agency, or other staffing service. 

Tags: Agile Antivirus Application security Blue team CISM CISSP COBIT Compliance Computer Science Encryption Finance Firewalls Forensics Governance IDS Intrusion prevention IPS ITIL Malware Monitoring Network security NIST PKI Risk analysis Risk management Security analysis SOC SSH Strategy TCP/IP VPN Vulnerability management

Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Health care Medical leave Parental leave

Region: North America
Country: United States
Job stats:  6  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.