Night/Weekend SOC Analyst
ClearFocus Technologies•Washington, DC
•Onsite
About The Position
ClearFocus Technologies is seeking a SOC Analyst for multiple opportunities that are 100% onsite in Washington, DC. The company is a HUBZone certified company specializing in cybersecurity and supporting government and commercial clients. They value clients, integrity, and employees, and are committed to attracting and retaining top talent. The role requires working 12-hour shifts, including nights and weekends, and involves an in-person hands-on keyboard interview assessment. There is a 90-day probation period.
Requirements
- Active TOP-SECRET CLEARANCE.
- Proficient in supporting 24x7x365 SOC or Cyber Watch operations.
- Self-starter with the ability to research and find answers independently.
- Ability to work with minimal to no supervision.
- Ability to learn new technologies and techniques.
- Ability to read, write, and comprehend at the intermediate level.
- Ability to read, comprehend, and apply standard operating procedures, playbooks, and directives.
- Understanding and applied knowledge of the full Triage process.
- Ability to hypothesize during an event to determine an outcome.
- Basic - intermediate understanding of various cyber-attacks (new and old) across various platforms and environments including Active Directory, Windows, Linux.
- Knowledge of how to perform basic-intermediate Splunk searches in Splunk Enterprise Security.
- Knowledge of how to perform basic-intermediate threat hunting in Splunk.
- Ability to identify root-cause using various native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds).
- Ability to read and comprehend various log types.
- Ability to correlate logs to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds).
- Basic - intermediate understanding and applied knowledge of networking fundamentals (most common ports and protocols, what they are, and how they work).
- Basic - intermediate understanding and applied knowledge of command line tools (windows command line, Linux command line, PowerShell, etc.).
- Active Top-Secret with SCI/Q eligibility.
Nice To Haves
- Cloud experience is a plus.
- Prior Help desk and system administrators with ticket handling, Active Directory, and command line scripting experience preferred.
Responsibilities
- Support 24x7x365 SOC or Cyber Watch operations.
- Research and find answers independently.
- Work with minimal to no supervision.
- Learn new technologies and techniques.
- Read, write, and comprehend at an intermediate level.
- Read, comprehend, and apply standard operating procedures, playbooks, and directives.
- Perform the full Triage process to determine if an event is a true positive or false positive.
- Hypothesize during an event to determine an outcome.
- Perform basic-intermediate Splunk searches in Splunk Enterprise Security.
- Perform basic-intermediate threat hunting in Splunk.
- Identify root-cause using various native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds).
- Read and comprehend various log types.
- Correlate logs to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds).
Benefits
- Medical
- Dental
- Vision
- Paid time off
- 401(k)
- Paid professional development reimbursement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
