SOC Analyst Tier 1/2
Reston, VA 20170 US
We are looking for a Security Operations Analyst - Digital, i.e. digital forensics, packet capture, malware analysis, and incident response.
We are looking for people with experience protecting critical infrastructure to help us defend cloud infrastructure used by the United States Government. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across IaaS, PaaS and SaaS environments. You will be part of a security operations team responsible for defending this infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis, and responding in real time to adverse security events. Our team is the last line of defense if security controls are breached. We are growing fast and working on ambitious new initiatives.
The Tier 1 SOC Analyst monitors and responds to threats on infrastructure, services, and applications, triaging security alerts, escalating alerts to senior analysts, and taking action to contain threats based on established runbooks. As an analyst, you must be able to perform investigations of threats and take appropriate action. You will work during an assigned shift that may include some nights and weekends.
- Execute SOC standard operating procedures as defined in run books
- Operate SOC technologies, including but not limited to a Security Information and Event Management (SIEM) platform, Intrusion Detection Systems (IDS), firewalls, anti-malware solutions, and insider threat software
- Assist with security incident response activities
- Prepare assigned reports for the SOC shift manager
- Provide high quality written and verbal reports as required
- Actively monitor and respond to the SIEM alert queue and triage alerts
- Investigate alerts using standard operating procedures
- Monitor several screens, systems, and alerts simultaneously
- Experience in one or more of the following fields of work: National security, military, federal intelligence, law enforcement, criminology, and/or foreign areas and language
- A background in information security with experience in security operations
- Experience with a variety of operating systems and the threats that target them, including Windows, UNIX/Linux, and macOS
- Experience performing open source research on a variety of topics
- Previous Incident Response, Security Operations Center, and/or Forensic Analyst experience preferred
TS/SCI with poly clearance required.
This is shift work including nights and weekends. Looking for 2nd and 3rd shift.
Expected hours: until training is complete (first 30-60 days), Monday-Friday, 0800-1600. After training is complete: 4x10, Sunday-Wednesday or Wednesday-Saturday; or 5x8, Sunday-Thursday or Tuesday-Saturday.