Cybersecurity Incident Handler, Senior
About The Position
Cybersecurity Incident Handler, Senior The Opportunity: As a security operations center (SOC) analyst, you’re in the middle of the action, responding to and mitigating threats in real time. You’re the first line of cyber defense for your organization, and they look to you for guidance on best practices and security measures. We need a Tier 2 SOC analyst like you to help us secure critical infrastructure from the constant onslaught of cyber-attacks for the mission partner. As a SOC analyst on our team, you’ll improve monitoring strategies and analyze threats. You’ll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You’ll guide efforts to figure out just how many systems are affected and assist recovery efforts. You’ll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding. This is a great opportunity to hone your cybersecurity skills with hands-on experience in threat assessment and incident response. Work with us as we secure Air Force networks from malicious actors. Join us. The world can’t wait.
Requirements
- Experience in a SOC, incident response, or cyber threat analysis role
- Experience in analyzing logs, network traffic, digital forensics, malware analysis, threat intelligence, and cybersecurity
- Experience with incident response frameworks, such as NIST or MITRE ATT&CK
- Knowledge of SIEM, such as Splunk, Elastic, QRadar, or Sentinel, and EDR, such as CrowdStrike or Microsoft Defender, IDS, and IPS
- Knowledge of operating system-specific exploitation vectors
- TS/SCI clearance
- HS diploma or GED
- DoD 8140 Level II Certification, such as Security+, CySA+, or CISSP Certification
Nice To Haves
- Experience using Microsoft Office products
- Experience with cyber technologies and capabilities, including continuous monitoring, incident response, advanced threat hunt, ongoing assessments, and secure Cloud and mobile capabilities
- Experience with Cloud and DevSecOps
- Experience with cybersecurity tools and solutions such as Microsoft Defender for Endpoint, Corelight, Suricata or Snort, Palo Alto and Cisco firewalls, Archer Case Management, ServiceNow, Threat Connect, Splunk Enterprise Security, Splunk SOAR, Cofense, IronPort Mail Gateways, or Microsoft G5 Defender suite
- Possession of excellent verbal and written communication skills
- Possession of excellent time management and analytical skills
Responsibilities
- Improve monitoring strategies and analyze threats
- Work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact
- Guide efforts to figure out just how many systems are affected and assist recovery efforts
- Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding
Benefits
- health
- life
- disability
- financial
- retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
