SOC Operations Analyst - Senior / Public Trust
Position Description
Manage incident triage and coordination with analysis and detection sections to identify and analyze technology and cyber impacts to IT assets, network infrastructure (LAN/WAN), including applying security and ensure proper incident management and coordination.
Direct continuity of operations for emergency relocation of 24x7x365 operations to include uninterrupted telecommunications, computer systems, cybersecurity, and networks.
Organizes, supports, and manages the containment, investigation, and remediation efforts in regards to incidences.
Perform quality assurance of service desk actions and Remedy ticket submissions. Monitor, respond, and catalog SOC and SIM emails as applicable. Submit Remedy tickets as necessary to assist with keeping the triage console free of backlogs.
Supports incident response engagements, and partners with other incident response teams in maintaining an understanding of threats, vulnerabilities, and exploits that could impact client networks and assets.
Monitor and review multiple data sources, including intelligence, media, and law enforcement reporting, to identify cybersecurity incidents, threats, and vulnerabilities.
Provide classified and unclassified cyber risk briefings and activity updates, to include but not limited to civilian government agencies and community stakeholders.
May be required to coordinate with external organizations, authorities, and senior level leadership.
Minimum requirements
- Bachelor’s degree and a minimum of 8 years of relevant experience required.
- An additional 4 years of experience may be substituted for degree.
- Experience and familiarity with network analytics including Netflow/PCAP analysis.
- Understanding of cyber forensics concepts including malware, hunt, etc.
- Demonstrated understanding of how both Windows and Linux systems are compromised.
- U.S. citizenship required.
- Able to obtain a Public Trust security clearance required.
- Willing and able to travel up to 10-25%.
Preferred Qualifications
- Experience using Splunk for system data analytics and monitoring strongly preferred.
- Experience performing cyber forensics, malware analysis, cyber hunt, etc. strongly preferred.
- A professional certification such as GCFA, GNFA, GREM, or GCIH is highly desirable.