SOC Analyst Mid Level

About The Position

Requirements

• At least 1 of the GCIA/GCIH/GCDA/GSOC/GCED/CYSA or equivalent certs, OS and Comptia Net+ in addition to 5 years applicable work experience.
• Must be able to maintain DoD-8140 Compliance.
• Bachelors or Masters dependent upon level. Substitutions include Associate’s Degree plus 2 years’ additional work experience may be substituted for a Bachelor’s Degree. High school diploma or GED and/or a relevant technical certification plus 4 years’ additional work experience may be substituted for a Bachelor’s Degree. Bachelor’s Degree plus 5 years additional work experience may be substituted for a Master’s Degree.
• Top Secret SSBI (must be a US Citizen)

Nice To Haves

• None

Responsibilities

• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
• Implement and manage multiple security tools to include SIEM’s, firewalls, IDS/IPS’s, threat and vulnerability management tools, data loss prevention tools, filtering technologies, traffic inspection solutions, reporting technology and data analytics platforms.
• Use cyber defense tools for continual monitoring and analysis of system to identify malicious activity.
• Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Perform cyber defense trend analysis and reporting.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Coordinate with enterprise-wide cyber defense staff to validate network alerts.
• Identify and analyze anomalies in network traffic using metadata.
• Provide daily summary reports of network events and activity relevant to cyber defense practices.
• Identify applications and operating systems of a network device based on network traffic.
• Threat research, OSINT, and classified sources for TTPS, IOCs and signatures for monitoring and alerting.
• RMF/CONMON support to aid in the mitigation of findings.
• Supporting engineering to ensure network designs and operations are secure from inception to production.

Benefits

• Paid Time Off (PTO)/Sick Leave
• 11 Paid Holidays
• Flexible Work Schedules (offering a healthy work-life balance whenever possible)
• Employee Assistance Program (EAP)
• Medical, Dental, and Vision
• LTD/STD, AD&D, and Life-Employer Paid
• Supplemental Life and Accident options
• Health Savings Account (HSA) with employer contribution
• 401K Plan with employer Safe Harbor contribution
• Profit Sharing Plan