Tier 3 SOC Analyst
- Job Title: Tier 3 SOC Analyst
- Location: Work From Home; DC, MD
We are looking to hire a Cyber Security Coordinator to provide a full range of cyber security services on a contract in Washington, DC. The position is full time and will support a Federal Government Contract. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.
- 6 years of Information Technology experience, with at least 3 years of experience in information security working within security operations and 2 years' experience developing detection methodologies and managing projects.
- Bachelor's degree in Cybersecurity/Computer Science or a related field, or equivalent work experience.
- Technical certification (GCIH, GSEC, GCIA, CEH, etc.) or equivalent experience and knowledge.
- Operational experience in the following functional areas:
  - Event Handling
  - Incident Response
  - Data Analysis / Log Review
  - Vulnerability Management
  - Configuring and testing system security settings
  - Detection Engineering
- The ability to effectively communicate the current status of the client's security:
  - Identify, develop processes for, and report on metrics related to the operations of the team
  - Assist in the development and performance of quality control checks for SOC operations
  - Identify and report on project status related to the functional areas listed above
- The ability to communicate clearly, correctly, and effectively about other teammates' tasks, and the ability to mentor other teammates in doing the same.
- The ability to assist other engineers/analysts in developing and communicating status updates. Additionally, support project plans, deconstruct tasks, and provide updates in conjunction with a project management office.
- Perform triage and root cause analysis on security events:
  - Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified; must also be able to identify supplemental sources where similar data may be found
  - Investigate an incident, develop and communicate a timeline, and identify multiple scenarios based on the investigation
  - Communicate and collaborate with colleagues to investigate incidents
  - Investigate and identify the root cause behind security incidents, including all stages of the cyber kill chain as appropriate
- Identify new data sources for determination of security events:
  - Analyze raw data sources to extract, institutionalize, and document actionable events
  - Review existing security events and propose refinements as necessary
- Create additional training and documentation for SOC operations
- Work with the client's staff to address ad hoc taskings as they arise
- Interact with other stakeholders in the client's organization for troubleshooting, content development, etc. This interaction could include other teams in the CyberSecurity department outside of the SOC.
Additional Preferred Qualifications
- Management experience and certifications highly preferred (PMP, CISSP)
- Additional security operations center experience in a team lead/management role preferred.
- Experience with SIEM, EDR, HIDS, NIDS, SOAR, and firewall security tools highly preferred.