Cybersecurity Analyst Principal

General Dynamics Information Technology
$102,000 - $138,000

About The Position

Advance your career while impacting our national security in cyber as a Cybersecurity Analyst Principal at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government. As a Cybersecurity Analyst Principal, the work you’ll do at GDIT will be impactful to the mission of the US Department of Education's Portfolio of Integrated Value-Oriented Technologies (PIVOT).

Requirements

  • Education: Technical Training, Certification(s) or Degree
  • Experience: 5+ years of related experience
  • Required Skills: Experience composing threat reports and other management level communications
  • Leadership experience of teams of 5 or more
  • Vulnerability Management – Nessus Vulnerability Scanning
  • Configuration Management - STIG/SCAP compliance baselines for windows, mac, linux
  • Splunk SIEM / log aggregation experience
  • Cloud Security - Familiarity with FedRAMP for IaaS, PaaS, SaaS
  • Experienced Incident Response Team (IR/IRT) troubleshooting, root cause analysis and remediation verification
  • Knowledge of Identity Management, ICAM/IDAM and authorization, least privilege, reducing unauthorized elevated access
  • Firewall understanding, including basic networking, subnetting, IDS, NAT, and ACLs
  • Penetration Test Response and Remediation
  • DevSecOps – software development lifecycle security – scanning across the lifecycle and baking in application security for developers and containers
  • Microsoft Defender for Endpoint experience

Nice To Haves

  • ServiceNow ticketing and reporting experience
  • Linux, Windows, and Active Directory experience
  • Experience with Tenable and Palo Alto network security solutions
  • Cloud and mobile device experience
  • ForeScout CounterAct, DLP solutions and Cylance AV
  • CISSP certification

Responsibilities

  • Oversee the daily operations of the SOC and plan shift activities
  • Work closely with Incident Management Team
  • Lead major incident management process, supporting Agency leadership during the activation of major/escalated incidents
  • Develop, author, and deliver process improvements for the SOC to maintain operational readiness for incident response
  • Monitor and report on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
  • Partner with IT leadership and teams to support operational issues and prepare for potential incidents
  • Support annual updates of the incident response concept of operations document
  • Support annual incident response tabletop exercises
  • Lead, mentor, and coach SOC I and SOC II staff members
  • Work as part of a 24x7x365 team delivering real-time proactive monitoring and maintenance of supported security tools and associated rules and signatures
  • Carry out triage on security events, coordinate incidents with Incident Management Team, IT operations, network engineering, and application teams
  • Identify and respond to incidents to prevent or limit damage to assets, and report incidents
  • Detect and analyze incidents, coordinate activities with other stakeholders for containing, eradicating, and recovering from incidents
  • Develop advanced analytics and countermeasures to protect critical assets
  • Monitor IDS, analyze network traffic and logs, prioritize potential intrusion attempts, distinguish false alarms, identify insider threats, detect APT activity, and perform malware analysis/forensics
  • Support the production and maintenance of standard operational processes and procedures and playbooks for use by all shift personnel
  • Provide enterprise-wide management of security incidents across the managed network space to detect, respond to, and report all computer-related incidents
  • Assess, identify, and remediate individuals and/or systems affected
  • Coordinate all information security incidents in compliance with the required reporting timelines
  • Coordinate the development of reports from the SIEM, NIDS, and HIDS
  • Remain up to date with current attack methods and characteristics to identify threats and advise on prevention, mitigation, and remediation
  • Perform other tasks consistent with the goals and objectives of the department/contract
  • Perform other duties as assigned by Senior Program Executive
  • Document assigned tickets to show all work performed to pass SLRs
  • Manage team to fully document assigned tickets to show all work performed to pass SLRs

Benefits

  • Comprehensive benefits and wellness packages
  • 401K with company match
  • Competitive pay and paid time off
  • Full-flex work week to own your priorities at work and at home
  • Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
  • Short and long-term disability benefits
  • Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

Bachelor's degree

Number of Employees

5,001-10,000 employees
