L2 Analyst JD
The L2 Zscaler Networking/Security Support Analyst is responsible for monitoring the Client’s network for events generated via Zscaler and Client’s IT Service Management (“ITSM”) / Information Technology Infrastructure Library (“ITIL”) systems in place. Client’s security tools will be used for additional analysis, and for responding by following the documented runbooks and other procedures as determined and defined by Client.
Prior to investigative work the L2 Zscaler Analyst will check the following:
Review the Priority of the Incident/ticket. In the case of critical or high priority tickets, re-route to L3 support without delay.
The L2 Zscaler Analyst will work closely with other SOC/ITSM resources on escalated events to action:
Investigation and Zscaler Analysis:
Traffic Forwarding
Review of Zscaler tenant configurations and proxy routing mechanisms
Resolve users’ inability to access SaaS services
Resolve users’ inability to access Zscaler Client Connectors (Application and Client)
Resolve users’ inability to access ZPA vault applications
Analyze Zscaler log analytics for debugging
Resolve forwarding issues by being able to make traffic forwarding changes, understanding the private access infrastructure, and troubleshooting app connectors
Authentication
Resolve error messages - SAML 2.0 (Zscaler to PingFederate/Azure AD)
Assist with incorrect certificate deployments
Policy Setting & Assignment
Resolve users’ inability to access SaaS services by policy
Tune incorrect policy assignment for users/user groups
Tune incorrect Zscaler Client Connector policies (App and Client)
In any incident scenario, the L2 Zscaler Analyst also has the following logistical responsibilities:
Update tickets based on investigative progress or results
Provide updates to users or groups as required by SLA rules
Communicate with users for any troubleshooting issues and resolution
Responsible for delivering ad-hoc information for weekly and monthly metrics to management
Responsible for closure of tickets after the required follow-up activities are complete, such as documenting root cause of incidents and false positives
Capture and catalog user requested destinations via ZPA that are not already allowed and submit the change (URL, Port, Protocol, Service, IP/range, etc.) in the centralized inventory designated by Client.
Once the incident is resolved, the L2 Zscaler Analyst should validate that the incident was, in fact, resolved by reviewing the relevant Zscaler policies and logs.
L2 Analyst Skillset
Communication Skills
Ability to work independently and communicate technical and security-related issues to client/business stakeholders
Ability to communicate in an organized and knowledgeable manner in written and verbal formats, including delivering clear requests for information to users and communicating technical information to a non-technical audience
Must communicate consistently and drive objectives, relying on fact-based decisions about risk that improve the trade-off between risk mitigation and business performance
Good presentation, project management, facilitation, and delivery skills
Ability to create documentation of work and present to management
Networking / Security Skills
Understand various system/networking integrations between single sign-on (“SSO”), Active Directory (“AD”), proxies, cloud APIs, tunneling, VMs and firewalls
Ability to troubleshoot and develop solutions to complex issues, which may include, but are not limited to: Network architecture, proxy configurations, security, performance, and infrastructure
Deep understanding of cloud technologies and cloud-based solutions
Strong Critical Thinking Skills
Ability to identify and analyze current processes including bottlenecks, concerns, etc. and then act upon them with the ability to effectively justify those actions
Ability to identify future roadblocks and promote data-based problem solving
Ability to assess and prioritize problems in relation to organizational goals
Strong analytical and problem-solving capabilities
Additional Skills
Ability to create domain-specific training content for new Zscaler issues and solutions and deliver training effectively
Strong understanding of privacy, security, and other regulations that are applicable to GE Aerospace
Ability to remain flexible in a demanding work environment and adapt to rapidly changing priorities
Strong skills in time management, prioritization, and attention to detail
Possess a high level of integrity and ethics
Job Type: Contract
Schedule:
- 8 hour shift
- Weekend availability
Experience:
- Linux: 1 year (Preferred)
- Cybersecurity: 1 year (Preferred)
- Information security: 1 year (Preferred)
Work Location: Remote