Key Responsibilities: Provide “eyes on glass” near real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing a proprietary SIEM and cybersecurity tools; Perform near real-time security monitoring of alerts and escalating critical alerts in compliance with the service level agreement; Detect security incidents and analyze threats for complex and/or escalated security events; Respond to customer Requests For Information including using Linux command line skills to query raw logs for IOCs, answering questions about the MSS infrastructure, and features of the SIEM including correlation engine while recommending best practices; Develop internal and/or external documentation, such as detailed procedures, playbooks, and runbooks; review and assess reports concerning operational metrics; Perform level 2 assessment of incoming alerts (assessing the priority of the alert, determining severity of alert in respect to customer environment, correlating additional details) and coordinate with tier III for critical priority incidents, if necessary; Perform incident response activities utilizing customer SIEM and cybersecurity toolkits; Assist with quality control during onboarding of new customers to verify validity of Use Cases and generated alerts; Utilize the SOC Knowledge Base and provide input on revisions as needed; Key Requirements and Technology Experience: Key Skills' SIEM, SOC, IPS Ability to obtain GSA Public Trust clearance At least three years of experience in security-related fields including prior SOC experience Experience using a supported Security Incident Event Management (SIEM) for analytics Knowledgeable with scripting, parsing, and query development in enterprise SIEM solutions Experience in tuning use cases & content, driven from day to day optimizations, with understanding of best practices to ensure adjustments do not cause false negatives Experience with documenting processes and procedures as well as training team members on processes and procedures Experience with incident response techniques related to network forensic analysis Experience investigating security incidents with SIEMs, use case development/tuning, and understanding of incident response Experience with IPS including analyzing alerts generated by the inspection with consideration to how signatures are written, and how to identify false positives Experience with implementing changes on next generation firewalls including firewall policy & content inspection configuration ( Fortimanager, Fortigate, Cisco, Palo Alto, Checkpoint, etc.) Skilled with Linux command line Our client is a leading Telecommunication Industry, and we are currently interviewing to fill this and other similar contract positions. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners.