SOC Analyst

Northern Technologies Group, Inc. | Alexandria, VA
$150,000 - $165,000 | Onsite

About The Position

Position Summary

Northern Technologies Group (NTG) is seeking a highly motivated Security Operations Center (SOC) Analyst to support a mission-critical cybersecurity operations environment. The SOC Analyst will be responsible for monitoring, analyzing, investigating, and responding to cybersecurity events and incidents across enterprise networks and systems. This role requires experience in incident response, cyber defense operations, threat detection, and security monitoring within a Security Operations Center (SOC). The ideal candidate will possess strong analytical skills, experience working with enterprise security tools, and a deep understanding of cyber threat actor tactics, techniques, and procedures (TTPs).

Requirements

  • Must be a U.S. Citizen.
  • Must possess an active DoD Top Secret/SCI security clearance.
  • Bachelor’s degree and 8+ years of relevant experience. Additional military service and relevant experience may substitute for the degree requirement. Candidates without a degree must possess a minimum of 12 years of relevant experience.
  • Minimum 2 years of incident handling and incident response experience.
  • Minimum 2 years of Security Operations Center (SOC) experience.
  • Experience supporting Cyber Network Defense (CND) operations within a Computer Incident Response organization.
  • Demonstrated understanding of cyber threat lifecycles, attack vectors and exploitation methodologies, and adversary tactics, techniques, and procedures (TTPs).
  • Strong knowledge of TCP/IP networking, network protocols and ports, traffic analysis, system administration, the OSI model, and defense-in-depth security principles.
  • Ability to work independently in a fast-paced operational environment.
  • DoD 8570 IAT Level II (or higher) certification prior to start date (CompTIA Sec+, SSCP, etc.).
  • Must also obtain a DoD 8570 CSSP-Analyst certification within six months of hire (CEH, CySA+, GCIA).

Nice To Haves

  • Experience analyzing large volumes of security logs, NetFlow data, full packet capture (PCAP), and network forensic artifacts.
  • Hands-on experience with enterprise SIEM platforms such as Splunk, ArcSight, QRadar, McAfee Enterprise Security Management (Nitro), and LogLogic.
  • Experience with IDS/IPS technologies, Host-Based Security Systems (HBSS), endpoint security tools, and malware analysis techniques.
  • Unix/Linux command-line proficiency.
  • Scripting or programming experience.
  • Familiarity with the MITRE ATT&CK Framework, Cyber Kill Chain methodology, and Intelligence-Driven Defense concepts.

Responsibilities

  • Monitor and analyze security alerts generated from endpoints, IDS/IPS systems, NetFlow data, SIEM platforms, and custom security sensors.
  • Identify, investigate, and respond to potential cybersecurity incidents and compromises across customer networks and endpoints.
  • Perform detailed analysis of large-scale log data and correlate information across multiple data sources during incident investigations.
  • Escalate validated threats and incidents to senior SOC personnel while providing detailed supporting evidence.
  • Document investigative findings, actions taken, and recommendations within case management and knowledge management systems.
  • Create, maintain, and distribute incident reports to customers, stakeholders, and leadership.
  • Support Cyber Network Defense (CND) operations through protection, detection, response, and sustainment activities.
  • Participate in shift operations supporting a 24x7 mission-essential environment.
  • Maintain awareness of emerging cyber threats, attack vectors, and adversary TTPs.
  • Contribute to knowledge sharing, mentoring, training, and continuous improvement initiatives.

Benefits

  • Equal opportunity employer.
  • Drug-free workplace.
  • Complies with ADA regulations.