
Security Operations Centre (SOC) Operator (Stream 3 - IT Security)

Education & Experience

A - Successful completion of a post-secondary degree in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of three (3) years professional work experience in the Information Technology (IT) field, of which one (1) of the last five (5) years must be directly related to the development of information security solutions and/or the analysis of information security event logs.

OR

A - A two (2) or three (3) year college diploma in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of five (5) years professional work experience in the IT field, of which two (2) of the last five (5) years must be directly related to the development of information security solutions and/or the analysis of information security event logs.

OR

A minimum of eight (8) years professional work experience in the IT field, of which four (4) of the last six (6) years must be directly related to the development of information security solutions and/or the analysis of information security event logs.

Roles and Deliverables could include but are not limited to:
The SOC Operator is responsible for providing security monitoring and is the first escalation point for all security incidents raised by the security information and event management (SIEM) service. Duties could include:

  • Provide day-to-day expertise on proper handling of security events.
  • Provide technical and procedural direction during investigation of an escalated security event.
  • Respond to and confirm security incidents within the targeted framework.
  • Provide weekly trending and information analysis looking for incident precursors and indicators of potential attacks and/or threats.
  • Work with the SOC analyst to build use cases and integrate processes.
  • Adhere to documented escalation, process and communication plans.
  • Provide technical investigative reports to the management team.
  • Track threats and vulnerabilities to SIEM monitored environments.
  • Maintain documentation to support security operations.
  • Track and document changes to monitored environments.
  • Maintain documentation and diagrams supporting all information flows within monitored environments.
  • Maintain a list of assets located within monitored environments.
  • Identify and track the criticality, confidentiality and owner of each network and system.
  • Follow standard operating practices for developing content within the SIEM solution.
  • Configure the SIEM solution with the appropriate asset data and information classification.

Specialties could include but are not limited to:

  • Microsoft, Unix and Linux OS
  • Network protocols including TCP/IP, UDP/IP
  • Application network protocols including DNS, SMTP, HTTP, etc.
  • Forensic IT security (ITS) investigations
  • Intrusion detection systems

Copyright 2005 - 2011 The Devon Group Ltd. All Rights Reserved.