Skip to Main Content

Security Operations Center Ana;yst

Falcon IT & Staffing Solutions
Washington, DC
  • Expired: over a month ago. Applications are no longer accepted.
Job Description

Position Title: Security Operations Center (SOC) Analyst

Location: Washington, DC

Hours: M – F, 9AM – 5PM

Position Summary:

Iron Vine Security is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire a Cyber Security Analyst to provide a full range of cyber security services on a long-term contract in Washington, DC. The position is full time/permanent and will support a Federal Government Contract. The position is available immediately upon finding a qualified candidate with the appropriate background clearance. Must have active secret or top-secret clearance.

Job Requirements:

· Must have familiarity with US-CERT Federal Incident Notification Guidelines

· 3-5 years of Information Technology experience, with at least 2 years of experience in information security working within security operations and 2 years’ experience monitoring threats via a SIEM console

· Detailed understanding of NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide

· Exceptional working knowledge of TCP/IP Networking and the OSI model

· In-depth knowledge of the Intelligence driven defense utilizing the Cyber Kill Chain (CKC)

· Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs

· Significant experience with packet analysis (Wireshark) and Malware analysis

· Strong working knowledge of Splunk, Zeek log analysis, Windows Defender for Endpoints or other EDR preferred

· Strong customer service skills and decision-making skills

· Strong working knowledge of windows and Linux command-line tools, networking protocols, systems administration and security technologies

· Strong working knowledge Hypertext Transfer Protocol response status codes

· Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies

· Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems

· Active Secret or Top-Secret Clearance

Certifications/Licenses:

· Bachelor's degree in Computer Science or related field or equivalent work experience

· Certified Information Systems Security Professional or Associate

· EC Council Certified Ethical Hacker (CEH)

· Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Certified Incident Handler (GCIH)

Additional Experience Preferred:

· Minimum of 2-4 years’ experience in SOC/CIRT

· Experience with Splunk, Zeek, Windows Defender for Endpoints or similar EDR preferred

· Previous SOC/ CIRT experience at a federal agency similar in size, scope, and complexity

Position Responsibilities:

· Perform hunting for malicious activity across the network and digital assets

· Respond to computer security incidents and conduct threat analysis

· Identify and act on malicious or anomalous activity

· Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network

· Perform detailed investigation and response activities for potential security incidents

· Provide accurate and priority driven analysis on cyber activity/threats

· Perform payload analysis of packets

· Recommends implementation of counter-measures or mitigating controls

· Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment

· Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity

· Create and continuously improve standard operating procedures used by the SOC

· Resolve or coordinate the resolution of cyber security events

· Monitor incoming event queues for potential security incidents

· Create, manage, and dispatch incident tickets

· Monitor external event sources for security intelligence and actionable incidents

· Maintain incident logs with relevant activity

· Document investigation results

· Participate in root cause analysis or lessons learned sessions

· Write technical articles for knowledge sharing

· Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units

Falcon IT & Staffing Solutions

Address

Washington, DC
USA

Industry

Real Estate

View all jobs at Falcon IT & Staffing Solutions