Global Resource Solutions • posted 4 months ago
Full-time • Entry Level
Colorado Springs, CO
51-100 employees
Professional, Scientific, and Technical Services

Global Resource Solutions, Inc. (GRS) is seeking an enthusiastic, motivated, detail-oriented, and talented individual for the position of Security Operations Center (SOC) Analyst I. The SOC Analyst's primary function is to provide comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise.

  • Conduct security event monitoring, advanced analytics and response activities in support of the government's mission.
  • Support activities within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts.
  • Provide 'day-to-day' support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.
  • Lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
  • Analyze information technology security events to discern legitimate security incidents from non-incidents.
  • Implement countermeasures and conduct incident response.
  • Utilize Security Information and Event Monitoring (SIEM) platforms and/or log management systems for log collection, analysis, correlation, and alerting.
  • Analyze security events (Windows event logs, network traffic, IDS events) for malicious intent.
  • Track activities within various Security Operation workflows.
  • Identify and implement counter-measures or mitigating controls for deployment in the enterprise network environment.
  • Work with technologies such as Network Threat Hunting, Big Data Analytics, Endpoint Threat Detection and Response, SIEM, workflow and ticketing, and Intrusion Detection Systems.
  • Minimum of five to seven (5-7) years of experience in Information technology or a related field.
  • Bachelor's Degree in Computer Science, Information Technology or equivalent experience.
  • Prior performance in roles such as ISSO or ISSM.
  • Must meet position and certification requirements outlined in DoD Directives 8570.01-M for Information Assurance Technician Level 2 within 6 months of the date of hire.
  • Current Top Secret Clearance with SCI Eligibility.
  • Eligibility for access to Special Access Programs.
  • Willingness to submit to a Counterintelligence Polygraph.
  • Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
  • Understanding of researching emerging threats and recommending monitoring content within security tools.
  • Experience in analyzing NetFlow data and packet capture (PCAP).
  • Robust knowledge of common attack methodologies, tactics and protocols.
  • Knowledge of the TCP and IP protocol suite, security architecture, DNS and remote access security techniques and products.
  • Technical experience in the information security field utilizing a mix of security technology such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, Network Packet Analyzers, and Digital Forensics tools, as well as Cyber Incident Response activities, in an Enterprise environment.
  • Ability to work in a dynamic environment and effectively interact with numerous DoD, military/civilian personnel and industry partners.
  • Working knowledge of Microsoft Office (Word, PowerPoint, and Excel).
  • Possess a high degree of originality, creativity, and initiative, requiring minimal supervision.
  • Willingness to travel within the organizational geographic Area of Responsibility (AOR).
  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Short/long term disability
  • Life insurance
  • Retirement plan