SENIOR SECURITY ENGINEER
The SOC Operational Analysis & Response Analyst is a full-time employment position with Dell Services - Federal Government, working in support of our customers on-site at NASA Ames Research Center at Moffett Field near Mountain View, CA.

The NASA Security Operations Center (SOC) Operational Analysis and Response (OAR) Analyst will be responsible for analyzing Intrusion Detection System (IDS) and network flow traffic. Be part of a team responsible for identifying, notifying, and responding to security threats to networks. This position requires knowledge of the following information security disciplines: IDS monitoring, incident response, information assurance, computer security best practices, system hardening, vulnerability management, antivirus, firewalls, and techniques for analyzing TCP/IP network traffic and event logs. Candidate must be able to perform packet analysis and must be familiar with analyzing network traffic for security events. Develop reports on various aspects of network security, as well as make recommendations for improving security policies. This position is customer facing and requires excellent written and oral communication skills. Additional duties may include software development of analyst utilities.

This position will also serve as the administrative manager for a number of the SOC OAR Analysts, which involves coordinating shift schedules and leave, approving timesheets, and ensuring that analysts are properly provisioned, trained, and fulfilling their shift duties, including punctual arrival. Additionally, the OAR Managers are expected to mentor the other analysts and serve as leaders for the analysis teams.
Preferred Technical Experience:
- Requires a Bachelor's degree or equivalent
- Security certifications a plus (e.g., CISSP, GIAC)
- Relevant security certification(s) preferred

Essential Duties & Responsibilities
8-10 years of related IT experience that includes 1-3 years of management experience

Specific Skills
- Thorough understanding of network protocols and routing
- Thorough understanding of commonly used network services (DNS, mail, web, etc.) as well as less common network services
- Perform packet analysis and be able to identify malformed packets
- Be able to analyze the payload of the packet
- Know the type of traffic that should be seen into and out of the most commonly used ports and be able to identify deviations from the norm
- Define the relationship between seemingly unrelated events
- Create rules and modify filters in various software (IDS, network flow, etc.)
- Understand differences between various operating systems: which OS an event came from and which OS is vulnerable to a certain attack
- Determine if new correlated file meets incident criteria
- Scripting language (Python/Perl/Shell); scripting ability preferred
- Must have the ability to work in a 24/7/365 shift environment

Additional Responsibilities
- Must be able to manage customer accounts and confidently communicate technical information to SecureWorks client base
- Maintain keen understanding of evolving Internet threats to ensure the security of SecureWorks client networks
- Learn prerelease products in the area(s) of support responsibility in order to support them when released
- Write technical articles for internal knowledge base
- Participate in knowledge sharing with other analysts and develop customer solutions efficiently
- Coordinate or participate in individual or team projects to ensure quality support for our clients
- Perform other essential duties as assigned

Certifications Desired
CISSP, SSCP, CISM, CCNA, CCSP, CSPFA

Certifications a plus
GIAC, GCIA, GCIH, GCFW, GHTO, GSEC or similar certification desirable

Overtime: straight time