Security Operations Analyst, Mid

About The Position

Requirements

• 1+ years of experience supporting Information Technology or Intelligence Operations
• Experience supporting a Computer Incident Response Team, Cyber Network Operations, or Security Operations Center (SOC) operations for a large and complex enterprise
• Experience with Intelligence Driven Defense, Cyber Kill Chain methodology, or MITRE ATT&CK framework
• Knowledge of industry-accepted standards for incident response actions and best practices for SOC operations
• Knowledge of security operation tools, including SIMs or DCAP analysis
• Knowledge of intrusion set tactics, techniques, and procedures
• TS/SCI clearance
• Bachelor's degree

Nice To Haves

• Experience with Microsoft Sentinel
• Experience with Splunk
• TS/SCI clearance with a polygraph
• GIAC Continuous Monitoring (GMON) Certification
• GIAC Certified Incident Handler (GCIH) Certification
• GIAC Certified Forensic Analyst (GCFA) Certification
• GIAC Certified Intrusion Analyst (GCIA) Certification
• GIAC Network Forensic Analyst (GNFA) Certification
• GIAC Cloud Threat Detection (GCTD) Certification
• GIAC Cloud Forensics Responder (GCFR) Certification

Responsibilities

• Respond to and resolve cyber security incidents.
• Participate in cyber incident response investigations requiring forensic, malware, and log analysis.
• Analyze forensic images and triage datasets to identify indicators of compromise, lateral movement, and unauthorized access or exfiltration of data.
• Apply specific functional knowledge as well as working and general industry knowledge.
• Develop or contribute to solutions to a variety of problems of moderate scope and complexity.
• Work independently with some guidance and may review or guide activities of more junior employees.

Benefits

• health, life, disability, financial, and retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program