"Alerted.org

**Job Title:** Senior ITS Consultant

**Location:** 20 Hudson Yards Space RU127 New York, NY

**Travel:** 25%

Job description:

MDR SOC Supervisor/L3 Analyst

In the SOC Supervisor role, you’ll be entrusted to deliver managed security services to some of the most recognized brands in the world, protecting them from threats that actually matter to their business…24x7x365. The SOC Supervisor will be tasked with assisting the SOC Manager in leading a team of cybersecurity analysts, providing guidance related to investigations, ensuring operations run smoothly, and interfacing directly with our clients.

Key Responsibilities:

OPERATIONAL RESPONSIBILITIES:

Support with investigations from any/all monitoring platforms as they occur.

This includes SIEMs, Endpoint tools, IDS, etc.

Function as an escalation point for investigations from all levels of SOC analysts requiring assistance/further investigation.

This includes:

Working with analysts (as needed) to investigate and triage security incidents for which they may be unfamiliar and require assistance.

Assisting L1/L2/L3 analysts with investigations under increased examination by the customer – such as those that are returned by the customer or being presented.

Play a pivotal role contributing to quality assurance of Analyst write-ups and investigations. Provide teach backs, spot-checks, and guidance to improve investigations for future escalations.

Function as an SME for one or more technology areas supported by the SOC.

This may include internal technologies used for monitoring customers or customer-owned platforms.

The SME is responsible for keeping all relevant procedural documentation up to date.

The SME is responsible for performing training on supported platforms (as needed).

The SME is responsible for interfacing with internal and customer teams (as needed) to support the technology for monitoring purposes. This may include being involved in projects objectives.

Demonstrate the ability to adapt to a broad array of analytical tools and methodologies with exceptional proficiency. Additionally, exhibit a unique talent for providing comprehensive guidance and mentorship to analysts, ensuring excellence during investigations, and training sessions, thereby setting a gold standard within our team.

Internal Status, Meetings, Etc.

Weekly status reports are not currently required by Supervisors but may be in the future.

Task tracking of objectives defined by SOC Leadership may be required.

Participation and/or ownership of internal analyst meetings may be required (as needed).

CLIENT RESPONSIBILITIES:

Function as a technical point of contact for all customers.

This includes establishing a relationship with counterparts at the customer to help execute the Statement of Work (SOW) and Standard Operating Procedure (SOP). These documents should be converted into procedures and kept up to date by Supervisor.

Take the lead on any investigations which require further examination by the customer.

Demonstrated experience in coordinating with clients to assess and mitigate cybersecurity threats, ensuring minimal impact on operations and sensitive information. Proficiency in implementing incident response protocols and strategies to swiftly resolve security breaches and safeguard client assets.

Ability to effectively conduct incident response for clients, including timely identification, containment, and analysis.

Provide recommendations for eradication and recovery from security incidents.

If applicable, function as a liaison between internal and customer’s teams to support monitoring.

This may include working with other internal MDR teams to improve monitoring capabilities or to support current operations.

Can run weekly status meetings with clients, to discuss custom built dashboards in our SOAR platform.

Work with fellow Supervisor to produce and deliver monthly metric packages.

Key Characteristics

Should possess a strong sense of initiative and be able to proactively identify opportunities for analysis and improvement. They will demonstrate the ability to work independently, prioritize tasks effectively, and take ownership of projects from inception to completion.

As SOC Supervisor, one must demonstrate a strong work ethic, showing dedication and diligence in all tasks undertaken. They should be willing to go the extra mile to deliver exceptional results and contribute to the overall success of the team.

Clear and concise communication is key to success in this role. The analyst must effectively communicate findings and recommendations to stakeholders across various levels of the organization. They should proactively seek clarification when needed and provide regular updates on progress.

As Supervisor you will be tasked with solving complex problems and providing innovative solutions. They should possess excellent critical thinking skills, coupled with a resourceful approach to gathering and interpreting data. The ability to think creatively and outside the box is essential in this role.

Precision and accuracy are paramount in our line of work. You must exhibit a keen eye for detail, ensuring that all investigations are conducted meticulously and that conclusions are based on reliable data.

Required Skills:

GENERAL REQUIREMENTS:

Working Hours: Normal Business Hours with On-Call

Education: Bachelor’s Degree or higher preferred

Experience: 5 Years in a 24x7 security operations environment, previous supervisory/management experience preferred

Certifications: 1 or more related cybersecurity certifications preferred (example: GIAC Certs)

TECHNICAL REQUIREMENTS:

Demonstrated experience with event detection, triage, analysis, and incident response including:

Investigative Process

Remediation Techniques

Isolating hosts

Pulling files from hosts

Conducting full scans on hosts

Root Cause Analysis

End user management

FW Blocks etc.

Log Analysis

Host-based Analysis

Network Traffic Analysis

Email Analysis

OSINT

Cyber Kill Chain

MITRE

Experience with various SIEM platforms, such as Devo, Elastic, Splunk, QRadar, Sentinel, etc.

Experience with various Endpoint protection platforms, such as MS Defender, CrowdStrike, Tanium, Cybereason, etc.

Experience with various ticketing systems, such as ServiceNow, Archer, Jira, etc.

Experience with various SOAR platforms, such as Palo Alto’s XSOAR, Swimlane, Siemplify, etc.

Knowledgeable regarding computing concepts, such as networking, scripting, etc.

Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.

Experience in computer intrusion analysis and incident response.

Computer network surveillance/monitoring.

Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures.

SOFT SKILL REQUIREMENTS:

Exemplary communication and interpersonal skills.

Both internal, and with customers.

Presentation skills.

Proactive mindset to problem solving and operational improvement.

Ability to document and explain technical details clearly and concisely to audiences with varying degrees of technical aptitude.

Take ownership and drive client escalations to resolution.

Ability to manage multiple projects with competing priorities.

A willingness to be challenged and a strong desire to learn.

Focus on both the tactical (i.e. day-to-day incident handling) and strategic (i.e. positioning our team for future success, such as finding ways to do things faster, better, and more effectively while maintaining a laser focus on quality).

CREDENTIALS:

A bachelor’s degree or equivalent experience is required for this role.

Supervisor personnel must hold or work towards attaining GCIH, CySA , GIAC Certs. This is not a requirement to take on the role but may be an objective set forth by SOC Leadership.

Supervisors must be certified in the product areas for which they are SME. This is not a requirement to take on the role but will become an objective set forth by SOC Leadership.

Life at Capgemini

Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:

+ Flexible work

+ Healthcare including dental, vision, mental health, and well-being programs

+ Financial well-being programs such as 401(k) and Employee Share Ownership Plan

+ Paid time off and paid holidays

+ Paid parental leave

+ Family building benefits like adoption assistance, surrogacy, and cryopreservation

+ Social well-being benefits like subsidized back-up child/elder care and tutoring

+ Mentoring, coaching and learning programs

+ Employee Resource Groups

+ Disaster Relief

About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to

engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion.

Get the future you want | www.capgemini.com

Disclaimer

Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.

Capgemini is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Click the following link for more information on your rights as an Applicant http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

**Job:** _Infrastructure_

**Organization:** _CIS US MS_

**Title:** _Senior ITS Consultant- Sr Network Engineer_

**Location:** _NJ-Bridgewater_

**Requisition ID:** _082092_

**Other Locations:** _US-New York_