Information Security Analyst - I with Security Clearance

Title- Information Security Analyst - I / Cybersecurity analyst Location- Ashburn, VA (Hybrid) Duration- Long-term contract JOB DESCRIPTION: Job Title: Cyber Security Analyst MUST-HAVE SKILLS: Ability to obtain GSA Public Trust clearance At least three years of experience in security-related fields, including prior SOC experience Clear and concise written and oral communication skills in English Proficiency in using a supported Security Incident Event Management (SIEM) system for analytics Knowledge of scripting, parsing, and query development in enterprise SIEM solutions Experience tuning use cases and content, with an understanding of best practices to prevent false negatives Documentation skills for processes and procedures, as well as training team members Exceptional problem-solving abilities Proactive engagement with customers and client management teams Thorough understanding of threat landscapes and indicators of compromise Familiarity with incident response techniques related to network forensic analysis Experience investigating security incidents using SIEMs, use case development/tuning, and understanding of incident response Knowledge of Intrusion Prevention Systems (IPS), including analyzing alerts and identifying false positives Implementation experience with next-generation firewalls (e.g., Forti manager, Fortigate, Cisco, Palo Alto, Checkpoint) Proficiency with Linux command line Understanding of health and availability monitoring, device logging, network troubleshooting, and device troubleshooting DESIRED SKILLS: Scripting knowledge (e.g., Python, PowerShell, Bash Shell, Java) Incident response experience using various SIEMs and industry best practices Customer service skills, including supporting service desk functions such as IAM management JOB DUTIES: Security Analysts play a crucial role in the Security Operations Center. Tier-2 Security Analysts, with a background in enterprise security, handle a wide range of tasks across different platforms. Their responsibilities include day-to-day tasks, short-notice ad-hoc work, and independent task completion with minimal supervision. Key duties of Tier-2 Senior Security Analysts include: Providing near real-time security monitoring in a 24x7 environment by monitoring security infrastructure and alarm devices for Indicators of Compromise (IoCs) using a proprietary SIEM and cybersecurity tools. Performing near real-time security monitoring of alerts and escalating critical alerts according to the service level agreement. Detecting security incidents and analyzing threats, especially complex or escalated events. Responding to customer Requests For Information, including using Linux command line skills to query raw logs for IoCs, answering questions about the MSS infrastructure, and explaining features of the SIEM, including the correlation engine. Developing internal and external documentation, such as detailed procedures, playbooks, and runbooks, while reviewing operational metrics reports. Perform level 2 assessment of incoming alerts, assessing alert priorities, determining severity in the customer environment, and coordinating with tier III for critical priority incidents, if necessary. Perform incident response activities utilizing customer SIEM and cybersecurity toolkits Assist with quality control during onboarding of new customers to verify validity of Use Cases and generated alerts Utilize the SOC Knowledge Base and provide input on revisions as needed EDUCATION/CERTIFICATIONS Required: Bachelors or higher degree in Computer Science, Information Security, or similar discipline Required: industry certification(s) such as CISSP, SANS GIAC or GCIH, CompTIA Security+, CCNP-Security, Palo Alto CNSE, Fortinet NSE, CySA+, GCED, CEH, or comparable security-related certification LOGISTICS Shift work required, including nights and weekends Team members work 5x8 hour shifts per week.