Tier II SOC Analyst
Apply NowCompany: SCOUT Solutions
Location: Washington, DC 20544
Description:
Tier II SOC Analyst
Washington D.C. / Hybrid
Job Overview
We are currently seeking a Tier II Cybersecurity Analyst to provide support to our client in
Washington D.C. Clearance Required: Candidate must be able to receive a Public Trust 6c Clearance
Responsibilities and Duties
Provide Tier 2 support by analyzing network traffic and various log data to determine the threat/impact against the network, recommending appropriate countermeasures, facilitating the tracking, handling, and reporting of all security events and computer incidents.
Remediate and apply lessons learned to security incident investigation and resolution.
Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure.
Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases.
Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center .
Create custom tool content to enhance capabilities of security operations teams.
Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure.
Perform Security Incident Management aligned with NIST standards.
Technical writing experience:
Standard Operating Procedures
Concept of Operations (CONOPS)
Incident Response Plans
Training Exercises
Tool configurations and content creation
Qualifications
1-3 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
Bachelors' degree in Computer Science, Information Technology or related technical field. Additional years of experience can be substituted for a degree.
Experience with Security Information and Event Management (SIEM) Systems, Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, and large Enterprise or Cloud environments.
Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution.
Good interpersonal skills to interact with customers, team members and support personnel.
Strong analytical and problem solving skills for investigating security issues.
Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK).
At least one active security certification
Experience with one or more of the following tools:
Azure Advanced Threat Analytics
Azure Log Analytics
Windows Defender Security
McAfee ePO, HIPS
FireEye NX, EX/ETP, HX, AX
Desired Qualifications:
Programming and/or scripting language experience; ideally PowerShell
Search query language experience & content creation; ideally Kusto
Project management experience to help build tiger teams for special projects
MS Office, Visio, PowerBI proficiency
Washington D.C. / Hybrid
Job Overview
We are currently seeking a Tier II Cybersecurity Analyst to provide support to our client in
Washington D.C. Clearance Required: Candidate must be able to receive a Public Trust 6c Clearance
Responsibilities and Duties
Provide Tier 2 support by analyzing network traffic and various log data to determine the threat/impact against the network, recommending appropriate countermeasures, facilitating the tracking, handling, and reporting of all security events and computer incidents.
Remediate and apply lessons learned to security incident investigation and resolution.
Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure.
Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases.
Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center .
Create custom tool content to enhance capabilities of security operations teams.
Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure.
Perform Security Incident Management aligned with NIST standards.
Technical writing experience:
Standard Operating Procedures
Concept of Operations (CONOPS)
Incident Response Plans
Training Exercises
Tool configurations and content creation
Qualifications
1-3 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
Bachelors' degree in Computer Science, Information Technology or related technical field. Additional years of experience can be substituted for a degree.
Experience with Security Information and Event Management (SIEM) Systems, Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, and large Enterprise or Cloud environments.
Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution.
Good interpersonal skills to interact with customers, team members and support personnel.
Strong analytical and problem solving skills for investigating security issues.
Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK).
At least one active security certification
Experience with one or more of the following tools:
Azure Advanced Threat Analytics
Azure Log Analytics
Windows Defender Security
McAfee ePO, HIPS
FireEye NX, EX/ETP, HX, AX
Desired Qualifications:
Programming and/or scripting language experience; ideally PowerShell
Search query language experience & content creation; ideally Kusto
Project management experience to help build tiger teams for special projects
MS Office, Visio, PowerBI proficiency