Job Description :
IT SOC Analyst
Washington DC
6+ Months
Phone and f2f screen
USC or GC

The SOC Analyst - Tier 3 is cybersecurity technical resource responsible for providing technical analytical oversight over a team of Tier 2 and 1 SOC Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents impacting the technology infrastructure of the Government of the District of Columbia. deal candidate will have an advanced technical background with significant experience in an enterprise successfully leading a SOC team or unit responsible for analysis and correlation of cybersecurity event, log, and alert data. The candidate will be skilled in understanding, recognition, and root-cause detection of cybersecurity exploits, vulnerabilities, and intrusions in host and network-based systems. SPECIFIC TASKS . Utilize advanced technical background and experience in information technology and incident response handling to scrutinize and provide corrective analysis to escalated cybersecurity events from Tier 2 analysts—distinguishing these events from benign activities, and escalating confirmed incidents to the Incident Response Lead. . Provide in-depth cybersecurity analysis, and trending/correlation of large data-sets such as logs, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cybersecurity incidents, and make sound technical recommendations that enable expeditious remediation. . Proactively search through log, network, and system data to find and identify undetected threats. . Conduct security tool/application tuning engagements, using McAfee ESM and McAfee ePO, with analysts and engineers to develop/adjust rules and analyze/develop related response procedures, and reduce false-positives from alerting. . Identify and ingest indicators of compromise (IOC’s) (e.g., malicious IPs/URLs, etc into network security tools/applications to protect the Government of the District of Columbia network. . Quality-proof technical advisories and assessments prior to release from SOC. Coordinate with and provide expert technical support to enterprise-wide technicians and staff to resolve confirmed incidents. . Report common and repeat problems, observed via trend analysis, to SOC management and propose process and technical improvements to improve the effectiveness and efficiency of alert notification and incident handling. . Formulate technical best-practice SOPs and Runbooks for SOC Analysts. . Respond to inbound requests via phone and other electronic means for technical assistance, and resolve problems independently. Coordinate escalations with Incident Response Lead and collaborate with internal technology teams to ensure timely resolution of issues.
Skills Required/Desired Min of years
Hands-On Operational Experience As A Cybersecurity Analyst/Engineer In A Security Operations Center required 5
Prior Work With Cybersecurity Attack Countermeasures For Adversarial Activities Such As Malicious Code and DDOS required 5
In-Depth Hands-On Experience Analyzing And Responding To Security Events And Incidents With A Security Information And Event Management System required 5
Strong knowledge of cybersecurity attack methodology to include tactics and techniques, and associated countermeasures. required 5
Strong Knowledge Of Tcp/Ip Protocols, Services, Networking, And Experience Identifying, Analyzing, Containing, And Eradicating Cybersecurity Threat required 5
11- 15 yrs developing, maintaining, and recommending enhancements to IS policies/requirements required 11
11-15 yrs performing vulnerability/risk analyses of computer systems/apps Nice to have 11
11-15 yrs identifying, reporting, and resolving security violations required 11
Bachelor’s degree in IT or related field or equivalent experience Required
             

Similar Jobs you may be interested in ..