Senior SOC Analyst

NTT AmericaMerrifield, VA
72dHybrid
Match Resume

About The Position

The position involves leading advanced incident detection, investigation, and analysis efforts. The candidate will correlate data from various sources such as SIEM, EDR, IDS/IPS, and firewalls to identify and analyze potential incidents. Deep-dive investigations will be performed to determine the root cause, scope, and impact of incidents, applying frameworks like MITRE ATT&CK for adversary TTP identification. The role requires guiding preparation, identification, containment, eradication, and recovery actions in collaboration with SOC, forensics, and engineering teams, ensuring incident handling aligns with established guidelines, response plans, and playbooks. The candidate will analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack, and work with forensic teams to ensure proper collection, preservation, and analysis of digital evidence. Coordination with forensics teams to maintain chain-of-custody and evidence integrity is essential. The role also includes developing and enhancing SOC processes, playbooks, and detection capabilities, performing threat intelligence collection, analysis, and dissemination, and providing real-time guidance during active incidents. Collaboration with stakeholders to strengthen the overall cybersecurity posture and addressing identified vulnerabilities with engineering, IT, and cloud teams is expected. Participation in tool evaluations and providing executive-level briefings on security events and SOC performance are also part of the responsibilities.

Requirements

  • Master's degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET-accredited or CAE-designated institution.
  • Minimum 8 years of experience in Information Technology (IT) and/or Information Security (IS).
  • DoD 8140 certification for their respective area or the ability to obtain certification within six (6) months of onboarding.
  • Active Secret Security Clearance.
  • Must be a US citizen living within commute distance of the client site.

Nice To Haves

  • CBROPS CFR certification.
  • CompTIA: CySA+, Security+ CE, CASP+CE.
  • FITSP-O certification.
  • SANS: GCFA, GCIA, GDSA, GICSP.
  • CCNA-Security, CCNP Security certifications.
  • CISSP (or associate), CCSP, CISA, SSCP, CND certifications.

Responsibilities

  • Lead advanced incident detection, investigation, and analysis efforts.
  • Correlate SIEM, EDR, IDS/IPS, and firewall data to identify and analyze potential incidents.
  • Perform deep-dive investigations to determine root cause, scope, and impact of incidents.
  • Apply MITRE ATT&CK and other frameworks for adversary TTP identification.
  • Guide preparation, identification, containment, eradication, and recovery actions in collaboration with SOC, forensics, and engineering teams.
  • Ensure incident handling aligns with established guidelines, response plans, and playbooks.
  • Analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack.
  • Work with forensic teams to ensure proper forensic collection, preservation, and analysis of digital evidence.
  • Coordinate with forensics teams to ensure chain-of-custody and evidence integrity.
  • Develop and enhance SOC processes, playbooks, and detection capabilities.
  • Perform threat intelligence collection, analysis, and dissemination.
  • Analyze and contextualize intelligence to produce actionable recommendations.
  • Provide real-time guidance during active incidents.
  • Collaborate with stakeholders to strengthen overall cybersecurity posture.
  • Work with engineering, IT, and cloud teams to address identified vulnerabilities.
  • Participate in tool evaluations, recommending solutions that enhance SOC capabilities and identify capability overlap.
  • Support internal coordination with client sections, divisions, and external entities.
  • Provide executive-level briefings on security events and SOC performance.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Industry

Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

Education Level

Master's degree

Number of Employees

5,001-10,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service