SOC Analyst

Job#: 3009837

Overview

Seize your opportunity to make a personal impact as a SOC Analyst to support a DOD customer. Our client is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At our client, people are our differentiator. As a SOC Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a joining our team to defend the customer’s multi-domain, on‑prem and cloud environments.

How an SOC Analyst will Make an Impact

• Interacts with the team daily to deliver on the customer’s requirements.
• Communicates with the team and other work centers to secure the customer’s cloud and on‑prem environments.
• Able to work on a team that supports a mission focused customer with high expectations.
• Triages and resolves events and incidents successfully defending the customer’s environments with multiple boundaries.
• Utilizes technical knowledge, interpersonal skills and grit to solve challenging operational requirements.
• Provide Cyber Security Threat Hunting expertise and deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services
• Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools
• Assess data from multiple sources and navigate the cyber terrain to identify suspicious behavior
• Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report
• Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
• Demonstrate systems experience using Security Information and Event Management (SIEM) and Incident Response analysis
• Knowledge of Network Intrusion Detection System/Intrusion Prevention Systems (NIDS/IPS) as well as Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
• Knowledge of Security Orchestration Automation and Response (SOAR), Endpoint and Network Detection and Response (EDR/NDR) and User Behavior Analytics (UBA)
• Ability to demonstrate strong analytical and problem‑solving, and also leverage interpersonal, organizational, writing, communications, and briefing skills
• Ability to work within a team environment to meet security challenges, by documenting requirements and researching solutions, and providing recommendations for resolution
• Will use experience developing in Bash, Perl, Shell, PowerShell, SQL, D3, HTML, XML, CSS, Bash, JAVA and/or Python scripts, and experience writing Splunk queries in Splunk Programming Language (SPL).

Education

• Bachelors

Required Experience

• 5+ years

Required Technical Skills

• Security+, CEH

Security Clearance Level

• TS/SCI

Required Skills and Abilities

• Effective communication, problem solving, attention to detail

Preferred Skills

• Splunk Enterprise Security, Admin, Splunk Programming Language, AWS Security, User Behavior Analytics, Endpoint Detection & Response, Network Detection and Response, Intrusion Detection System, Intrusion Prevention Systems

Location

• On Customer Site

Citizenship Required

• US Citizenship