Security Operations Centre (SOC) Vulnerability Analyst (Stream 3 - IT Security)

Education & Experience

A - Successful completion of a post-secondary degree in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of three (3) years professional work experience in the Information Technology (IT) field, of which two (2) of the last five (5) years must be directly related to the development of information security solutions and/or the analysis of information security event logs.

OR

A - A two (2) or three (3) year college diploma in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of five (5) years professional work experience in the IT field, of which three (3) of the last five (5) years must be directly related to the development of information security solutions and/or the analysis of information security event logs.

OR

A minimum of eight (8) years professional work experience in the IT field, of which four (4) of the last six (6) years must be directly related to the development of information security solutions and/or the analysis of information security event logs.

Roles and Deliverables could include but are not limited to:

The SOC Vulnerability Analyst is responsible for providing advanced security analysis using vulnerability assessment tools for network, web and database assessment. Duties could include:

  • Provide advanced analysis support for all vulnerability assessment activities.
  • Determine appropriate course of action for events of interest.
  • Build vulnerability assessment plans/configuration.
  • Adhere to documented escalation, process and communication plans.
  • Provide technical investigative reports to the clients and management team.
  • Maintain documentation to support security operations.
  • Track and document changes to monitored environments.
  • Maintain a list of assets located within monitored environments.
  • Identify and track the criticality, confidentiality and owner of each network and system.

Specialties could include but are not limited to:

  • Microsoft, Unix and Linux OS
  • Network protocols including TCP/IP, UDP/IP
  • Application network protocols including DNS, SMTP, HTTP, etc.
  • Attack methods against IT systems
  • Vulnerability assessment systems

Copyright 2005 - 2011 The Devon Group Ltd. All Rights Reserved.