Falcon IT & Staffing Solutions

Tier 3 SOC Analyst

Job Title
Tier 3 SOC Analyst
Job ID
Work From Home
Other Location

We are looking to hire a Cyber Security Coordinator to provide a full range of cyber security services on a contract in Washington, DC. The position is full time and will support a Federal Government Contract. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.


Required Experience/Education:

· 6 years of Information Technology experience, with at least 3 years of experience in information security working within security operations and 2 years of experience developing detection methodologies and managing projects.

· Bachelor’s degree in Cybersecurity/Computer Science or related field or equivalent work experience.

· Technical certification (GCIH, GSEC, GCIA, CEH, etc.) or equivalent experience and knowledge.


Job Requirements:

· Operational experience in the following functional areas:

o Event Handling

o Incident Response

o Data Analysis / Log Review

o Vulnerability Management

o Configuring and testing system security settings

o Detection Engineering

· The ability to effectively communicate the current status of the client’s security:

o Identify, develop processes for, and report on metrics related to the operations of the team

o Assist in the development and performance of quality control checks for SOC operations

o Identify and report on project status related to the functional areas listed above

· The ability to communicate clearly, correctly, and effectively about other teammates’ tasks and the ability to mentor other teammates in doing the same.

· The ability to assist other engineers/analysts in developing and communicating status updates. Additionally, support with project plans, deconstructing tasks, and providing updates in conjunction with a project management office.

· Perform triage and root cause analysis on security events:

o Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified – must also be able to identify supplemental sources where similar data may be found

o Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation

o Communicate and collaborate with colleagues to investigate incidents

o Investigate and identify the root cause behind security incidents – to include all stages of the cyber kill chain as appropriate

· Identify new data sources for determination of security events:

o Analyze raw data sources to extract, institutionalize, and document actionable events

o Review existing security events and propose refinements as necessary

· Create additional training and documentation for the SOC operations

· Work with the client’s staff to address ad hoc taskings as they arise

· Interact with other stakeholders in the client’s organization for troubleshooting, content development, etc. This interaction could include other teams in the Cybersecurity department outside of the SOC.


Additional Preferred Qualifications

· Management experience and certifications highly preferred (PMP, CISSP)

· Additional security operations center experience in a team lead/management role preferred.

· Experience with SIEM, EDR, HIDS, NIDS, SOAR, and firewall security tools highly preferred.
