21 Apr
Senior SOC Analyst (Tier 3)- Shift 1 (TS cleared)
District of Columbia, Washington , 20001 Washington USA

Vacancy expired!

Job Description

MindPoint Group is seeking a Senior SOC Analyst. The Security Operations Center (SOC) Senior Analyst will collaborate with members of the SOC team to develop innovative and effective procedures for the SOC to enhance coordination and incident response operations. Train staff on SOC concept of operations and develop incident management teams.

Additionally, Senior Analyst candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem-solving skills, and allow for flexible scheduling. Monitor network traffic for security events and perform triage analysis to identify security incidents. Respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements. Work closely with the other teams to assess risk and provide recommendations for improving our security posture.

Job Duties:

  • Shift 1 is 6AM-2:30PM
  • Utilize state of the art technologies such as host forensics tools (FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data
  • Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
  • Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response
  • Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
  • Lead Incident Response activities and mentor junior staff
  • Work with key stakeholders to implement remediation plans in response to incidents
  • Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership
  • Author Standard Operating Procedures (SOPs) and training documentation when needed
  • Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty

Qualifications

  • Active Top Secret required
  • 5 (+) years in an Incident Responder/Handler role
  • Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2. The ability to take lead on incident research when appropriate and be able to mentor junior analysts
  • Advanced knowledge of TCP/IP protocols
  • Knowledge of Windows, Linux operating systems
  • Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk or ArcSight experience
  • Deep packet and log analysis
  • Some Forensic and Malware Analysis
  • Cyber Threat and Intelligence gathering and analysis
  • Bachelor’s degree or equivalent experience
  • Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred

Desirable certifications include, but not limited to:

  • GCIH, GCIA, GCFE, GREM, GCFA, GSEC
  • Security +
  • CEH, CISSP, CCNA (Security) or equivalent Certifications.
  • CySA+

Additional Information

  • All your information will be kept confidential according to EEO guidelines
  • Equal Opportunity Employer Veterans/Disabled

Vacancy expired!


Related jobs

Report job