ASRC Federal is seeking a Cybersecurity Analyst to support the Department of Defense Education Activity (DoDEA) Enterprise Cyber Program. The SOC Analyst role will support enterprise cybersecurity operations for a federal customer, assisting with Risk Management Framework (RMF) compliance, vulnerability management, security monitoring, and incident response activities, collaborating with other cybersecurity personnel.

SOC Analyst Key Responsibilities:
● Monitor and analyze network traffic, system logs, and other security data for signs of malicious activity
● Leverage Security Information and Event Management (SIEM) tools to view and investigate security alerts and notable events
● Handle incidents through their lifecycle: analyze, triage, contain, and remediate security incidents; recommend improvements to prevent future incidents; and identify ways to expedite response based on lessons learned
● Communicate effectively with technical and non-technical users in a timely manner
● Prepare situational awareness reports for the customer, its constituent bureaus, and/or Department management
● Develop and maintain manual and automated incident response playbooks
● Facilitate development of SIEM detection and ingestion strategies to improve SOC visibility
● Conduct forensic analysis on hosts and logs, and malware analysis, as deemed necessary
● Perform threat hunting based on newly identified adversary techniques
● Develop and implement security procedures to prevent future incidents
● Provide technical support to other members of the security team
● Stay up to date on the latest security threats and trends

Required Skills / Education / Certifications & Qualifications:
Requires a Bachelor's degree and 0-2 years of experience, or equivalent.
Must hold and maintain a DoD 8140 IAT certification, one from each of the following lists:
○ CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP
○ CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+
Experience with SIEM tools, such as Microsoft Sentinel.
Experience leading and managing SOC operations.
Subject matter expertise in analyzing network packets, SIEM alerts, and server and application logs to investigate incidents for anomalous or malicious activity.
Experience tracking incidents against a framework such as MITRE ATT&CK or the Cyber Kill Chain methodology.
Able to perform advanced analysis of advanced persistent threats and map out the threat lifecycle.

Desired Skills:
● Experience with Microsoft Sentinel
● Forensic investigation and malware analysis experience
● Inquisitive, problem-solving oriented
● Can-do attitude with a strong sense of ownership

Active Secret Clearance Required
Job Type
Full-time
Career Level
Entry Level