CND Analyst - SOC

By Light Professional IT Services LLC, VA

About The Position

By Light has an opening for a CND Analyst - SOC supporting the Army National Guard (ARNG) in Falls Church, VA. This is an IT Service Management contract in support of the operation, modernization, expansion, and further evolution of the ARNG’s global Information Technology (IT) services including networking, compute, storage, infrastructure, applications, hosting, and program management services. The Guard Enterprise Cyber Operations Support (GECOS) program supports the ARNG enterprise IT infrastructure, its Wide Area Network (WAN), authentication and directory services, cybersecurity, application hosting, and associated services. GECOS uses the ITIL best practices framework as the basis for its IT Service Management (ITSM) model.

Requirements

  • Bachelor's degree required.
  • Minimum 5 years of relevant IT experience and 3 years of SOC operations support.
  • Experience managing firewall, IDS/IPS, and router ACL policies.
  • Experience with vulnerability management assessment and mitigation.
  • Possess the appropriate baseline certifications to achieve DoD 8570.01-M Information Assurance Technical (IAT) Level II.
  • Possess the appropriate DoD 8570 CSSP Analyst, Infrastructure, or Incident Responder certification.

Nice To Haves

  • Cisco Certification.
  • Palo Alto Certification.
  • Possess an ITIL® v3 or ITIL® 4 Foundation or a higher certification in either category.

Responsibilities

  • Manage the operation of the SOC and the performance of traditional SOC activities on behalf of ARNG 24/7/365 to protect DoD information systems and infrastructure.
  • Develop a SOC Communications Plan.
  • Support the RCC-NG in the execution of traditional SOC activities during COOP exercises at a designated COOP site.
  • Provide technical reports to analyze and summarize the impact of each significant incident and the recovery costs.
  • Author and implement custom detection content.
  • Tune the SIEM and IDS/IPS events to minimize false positives.
  • Analyze and review SOC monitoring metrics.
  • Evaluate and analyze hardware and software in coordination with and support of the RCC-NG.
  • Improve processes including developing and refining analysis techniques.
  • Coordinate and report ISS-related incidents.
  • Provide support in assembling, evaluating, and monitoring various intrusion detection sensors or tools and associated software applications.
  • Provide DMA support services involving forensic analyses on a variety of digital media devices.