Role Description This project will optimize the agency's CrowdStrike SIEM and related CrowdStrike services to improve threat detection, monitoring, and response capabilities. The contractor will expand and tune telemetry, integrate additional high-value log sources, enhance security dashboards, and support the rollout of additional CrowdStrike services. The effort will increase visibility into endpoint and security risk, improve signal quality and correlation, and provide security leadership with clear insight into security operations effectiveness and overall risk posture. Expected Outcomes - Expanded and optimized CrowdStrike SIEM telemetry coverage - Integration of additional high-value log sources - Improved dashboards for operational and executive visibility - Enhanced detection fidelity and monitoring effectiveness - Clearer insight for leadership into endpoint risk and security operations performance Duties to Be Performed - Assess current CrowdStrike SIEM configuration, telemetry coverage, and log ingestion - Enable and tune additional CrowdStrike telemetry to improve visibility and signal quality - Identify and integrate new high-value log sources into CrowdStrike SIEM - Develop and refine security dashboards aligned to SOC and executive use cases - Assist with technical enablement and rollout of additional CrowdStrike services - Validate data quality, parsing, and correlation within the SIEM - Coordinate with Security Operations, IT Operations, and system owners - Identify gaps, risks, and improvement opportunities in monitoring and detection - Provide weekly status updates and monthly executive-level progress summaries - Deliver supporting documentation and recommendations to sustain improvements Deliverables - Summary of work performed and capabilities delivered - Documentation supporting all telemetry enablement, log integrations, and dashboard implementations - Measurable improvements in monitoring, detection, or visibility - Recommendations for future enhancements or next-phase efforts Qualifications - Demonstrated skill with documentation, reporting, and knowledge transfer - Experience with Stakeholder Engagement, and Executive Communication - Experience in SIEM Detection Engineering and Alert Optimization - Experience in Log Source Integration and Data Normalization - Hands-On Experience with CrowdStrike SIEM and Dashboard Development - Hands-On Experience with SIEM and Dashboard Development

Role Description You’ll be a part of Conduent Cyber Security Operations team, the Level III CSIRT lead Analyst that will utilize multiple security technologies that allow CSIRT members to work collaboratively and efficiently while responding to threats. As Weekend lead analyst 1st shift (Friday, Saturday, Sunday, Monday) within a 24/7 Cyber Security monitoring environment, you will be responsible for carrying out Security Incident management processes. We need someone who can perform responsibilities associated with: - Investigating incidents escalated from Level I and II incident responders - Conducting technical investigations for security incidents - Providing process improvements - Incident management You’ll partner with Security Engineers to implement and improve technology and process to enhance CSIRT monitoring, investigation, and response. Qualifications - Bachelor’s Degree from four-year college or university in Information Technology, Information Security/Assurance, Engineering or similar area of study required - Minimum of 3 years of technical experience in Incident Response and Management - Experienced in providing shift leadership and technical guidance to Level I & II Security analysts in a SOC environment - Advanced knowledge and expertise of using SIEM technologies for event investigation - Experience with incident handling/incident response techniques within a cloud-based environment such as Azure - Exposure and understanding of audit requirements (PCI, HIPPA, GDPR, etc.) - Any SANS Certification and/or Certified Information Systems Security Professional (CISSP) Requirements - Certified Incident Handler (GCIH) - Certified Intrusion Analyst (GCIA) - Certified Ethical Hacker (CEH) Benefits - Career Growth Opportunities: We help you thrive, so together, we can grow. We provide opportunities to advance your career with a vast portfolio of businesses and a global footprint. - Great Work Environment: We are proud of our award-winning culture and the recognition we’ve received for our diversity efforts.

• Take ownership of routine security investigations • Combine hands-on alert analysis, evidence correlation, clear case documentation, sound recommendations, and reliable handoff quality • Work as part of a rota that may include day, late, night, and weekend shifts • Ensure good handover discipline and clear shift continuity • Reach a well-supported view of what is happening and either move the case to closure within scope or escalate it cleanly

• Monitor the Ochsner computer network environment for potential security threats. • Work with and learn from experienced security team leaders. • Use the latest technology to detect, analyze and limit intrusions and security events. • Perform network security monitoring and incident response. • Maintain records of security monitoring and incident response activities. • Monitor and analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM). • Facilitate the day-to-day operation of the infrastructure and maintain proper levels of system and data availability. • Provide installation and support of the technology infrastructure.