Job Description:
Senior Cybersecurity SOC Analyst
Washington DC
18+ months

Job Description:
Monitoring, detecting, analyzing, remediating, and reporting on cyber events and incidents impacting the technology
infrastructure of the District of Columbia. Serves as the advanced escalation point for the SOC.

SUMMARY
The SOC Analyst - Tier 3 is a cybersecurity technical resource responsible for providing technical and analytical
oversight of a team of Tier 1 and Tier 2 SOC Analysts who monitor, detect, analyze, remediate, and report on
cybersecurity events and incidents impacting the technology infrastructure of the Government of the District of
Columbia. The ideal candidate will have an advanced technical background with significant experience in an
enterprise successfully leading a SOC team or unit responsible for analysis and correlation of cybersecurity event,
log, and alert data. The candidate will be skilled in understanding, recognizing, and finding the root cause of
cybersecurity exploits, vulnerabilities, and intrusions in host- and network-based systems.

SPECIFIC TASKS
Utilize advanced technical background and experience in information technology and incident response handling
to scrutinize and provide corrective analysis of cybersecurity events escalated from Tier 2 analysts,
distinguishing true positives from benign activity, and escalating confirmed incidents to the Incident Response
Lead.
Provide in-depth cybersecurity analysis, and trending/correlation of large data sets such as logs, event data, and
alerts from diverse network devices and applications within the enterprise, to identify and troubleshoot specific
cybersecurity incidents, and make sound technical recommendations that enable expeditious remediation.
Proactively hunt through log, network, and system data to find and identify threats that existing alerting has not detected.
Support security tool/application tuning engagements, using McAfee ESM and McAfee ePO, with analysts and
engineers to develop/adjust detection rules, analyze/develop the related response procedures, and reduce false
positives from alerting.
Identify, verify, and ingest indicators of compromise and attack (IOCs, IOAs), e.g., malicious IPs/URLs/domains/file hashes, into
network security tools/applications to protect the Government of the District of Columbia network.
Quality-check technical advisories and assessments prior to release from the SOC.
Coordinate with and provide expert technical support to enterprise-wide technicians and staff to resolve confirmed
incidents.
Report common and repeat problems, observed via trend analysis, to SOC management and propose process
and technical improvements to the effectiveness and efficiency of alert notification and incident handling.
Formulate and coordinate technical best-practice SOPs and runbooks for SOC Analysts.
Respond to inbound requests via phone and other electronic means for technical assistance, and resolve
problems independently. Coordinate escalations with the Incident Response Lead and collaborate with internal
technology teams to ensure timely resolution of issues.

MINIMUM QUALIFICATIONS
Three to five years of demonstrated operational experience as a cybersecurity analyst/engineer handling and
coordinating cybersecurity incidents and response in critical environments, and/or equivalent knowledge in areas
such as technical incident handling and analysis, intrusion detection, log analysis, penetration testing, and
vulnerability management.
In-depth understanding of current cybersecurity threats, attacks and countermeasures for adversarial activities
such as network probing and scanning, distributed denial of service (DDoS), phishing, ransomware, botnets,
command and control (C2) activity, etc.
In-depth hands-on experience analyzing and responding to security events and incidents with most of the
following technologies and/or techniques: leading security information and event management (SIEM)
technologies, intrusion detection/prevention systems (IDS/IPS), network- and host-based firewalls, network
access control (NAC), data leak prevention (DLP), database activity monitoring (DAM), web and email content
filtering, vulnerability scanning tools, endpoint protection, secure coding, etc.

Required/Desired Skills

Strong communication, interpersonal, organizational, oral, and customer service skills.
Strong knowledge of TCP/IP protocols, services, and networking.
Knowledge of forensic analysis techniques for common operating systems.
Adept at proactively searching for, soliciting, and analyzing in detail threat intelligence (e.g., exploits, IOCs,
hacking tools, vulnerabilities, threat actor TTPs) from open-source resources and external entities, in order to
identify cybersecurity threats not previously ingested into network security tools/applications and derive
countermeasures to protect the Government of the District of Columbia network.
Excellent ability to multi-task, prioritize, and manage time and tasks effectively.
Ability to work effectively in stressful situations.

5 years: Hands-on operational experience as a cybersecurity analyst/engineer in a security operations center, or equivalent knowledge.

5 years: In-depth understanding of cybersecurity attack countermeasures for adversarial activities such as malicious code, DDoS, and phishing.

5 years: In-depth hands-on experience analyzing and responding to security events and incidents with a security information and event management (SIEM) system.

5 years: Strong knowledge of cybersecurity attack methodology, including tactics and techniques and the associated countermeasures.

5 years: Strong knowledge of TCP/IP protocols, services, and networking, and experience identifying, analyzing, containing, and eradicating cybersecurity threats.

16+ years: Planning, coordinating, and monitoring project activities.

16+ years: Leading projects and ensuring they comply with established standards/procedures.

Bachelor's degree in IT or a related field, or equivalent experience.

Strong attention to detail.

PREFERRED EDUCATION/CERTIFICATION REQUIREMENTS
Undergraduate or master's degree in computer science, information technology, or a related field.
GIAC (SANS) GCIA, GCED, GPEN, GCIH or similar industry certification desired.

Please fill in the details below and attach your updated resume, visa copy and DL copy.

Full Name:
Visa Status:
Current Location:
Overall experience:
India Exp:
US experience:
Current Legal Address:
Key Skills & Domain Area:
DOB [MMDDYY]:
Last 4 Digit of your SSN:
Present Salary:
Currently Working:
Project End date:
Interviewing with Other Clients:
Available Start Date:
Relocation Issues:
Interview Contact Number:
Alternate Contact Number:
Email-ID:
Skype-ID:
LinkedIn ID:
Telephonic Interview best Available Timings CST:
UG Education & Year Completed:
PG Education & Year Completed:

Two Professional References:

Name:
Email ID (Official ID):
Contact:
Position:
Company:

Name:
Email ID (Official ID):
Contact:
Position:
Company: