Contact Us | Falcon IT & Staffing Solutions

Senior SOC Analyst

Job Title
Senior SOC Analyst
Job ID
27627803
Location
Washington,  DC
Other Location
Description
ur client is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire a Senior Cyber Security Analyst to provide a full range of cyber security services on a long-term contract in Washington, DC. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Apply by sending a resume and salary requirement. We look forward to hearing from you!


Job Requirements:
  • In-depth knowledge of the US-CERT Federal Incident Notification Guidelines
  • 6 years of Information Technology experience, with at least 4 years of experience in information security working within security operations (at least 4 WITH SOC is a good to go!)
  • Splunk, Zeek, Snort, Microsoft 365 monitoring preferred
  • Working knowledge of Microsoft Defender and Defender for Endpoint solutions.
  • Career proven knowledge of log, network, and system forensic investigation techniques
  • Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
  • Significant experience with packet analysis (Wireshark) and Malware analysis---- NEEDED
  • Intelligence driven defense utilizing the Cyber Kill Chain (CKC)- NEEDED
  • Knowledge of diverse operating systems, networking protocols, systems administration, and security technologies
  • Knowledge of TCP/IP Networking and knowledge of the OSI model
  • Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies
  • Significant experience monitoring threats via a SIEM console
  • Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
  • Strong customer service skills and decision-making skills
  • Working knowledge of client infrastructure preferred
Certifications/Licenses:
  • Bachelor's degree in Computer Science (not important, so 8-12 yrs. experience without Bachelors) or related field or equivalent work experience
  • Certified Information Systems Security Professional or Associate
  • Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Certified Incident Handler (GCIH)
Additional Experience Preferred:
  • Minimum 4-years of experience in SOC/CIRT with 2-3 years of specific experience as a senior level analyst, Lead Analyst or Subject Matter Expert (SME).
  • Experience with at least one of the following: Splunk, Bro/Zeek, Snort, and Microsoft 365 preferred.
  • Previous SOC/ CIRT experience at a federal agency-  ANYONE who worked SOC at a Fed Agency is GREAT lead.
  • Familiarity with the MITRE ATT&CK framework
  • EC Council Certified Ethical Hacker (CEH)

Position Responsibilities:
  • Perform hunting for malicious activity across the network and digital assets
  • Respond to computer security incidents and conduct threat analysis
  • Identify and act on malicious or anomalous activity
  • Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
  • Perform detailed investigation and response activities for potential security incidents
  • Provide accurate and priority driven analysis on cyber activity/threats
  • Perform payload analysis of packets
  • Recommends implementation of countermeasures or mitigating controls
  • Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
  • Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
  • Develop innovative monitoring and detection solutions using client tools and other skillsets such as scripting and content development
  • Mentor junior staff in cybersecurity techniques and processes
  • Create and continuously improve standard operating procedures used by the SOC
  • Resolve or coordinate the resolution of cyber security events
  • Monitor incoming event queues for potential security incidents
  • Create, manage, and dispatch incident tickets
  • Monitor external event sources for security intelligence and actionable incidents
  • Maintain incident logs with relevant activity
  • Document investigation results, ensuring relevant details are passed to SOC Lead, Incident Management team and stakeholders
  • Participate in root cause analysis or lessons learned sessions

 

Option 1: Create a New Profile