SOC Operations Analyst - Senior / Public Trust
About The Position
Peraton is seeking to hire a Senior SOC Operations Analyst position with its' Federal Strategic Cyber programs. This role involves managing incident triage and coordination, analyzing technology and cyber impacts to IT assets and network infrastructure, and ensuring proper incident management. The analyst will also direct continuity of operations for emergency relocation of 24x7x365 operations, including telecommunications, computer systems, cybersecurity, and networks. Responsibilities include organizing, supporting, and managing containment, investigation, and remediation efforts for incidents, performing quality assurance of service desk actions and Remedy ticket submissions, and monitoring/responding to SOC and SIM emails. The role supports incident response engagements, partners with other teams to understand threats and vulnerabilities, and monitors multiple data sources to identify cybersecurity incidents. Additionally, the analyst will provide cyber risk briefings and activity updates to government agencies and stakeholders, and may coordinate with external organizations and senior leadership.
Requirements
- Bachelor’s degree and a minimum of 8 years of relevant experience required. An additional 4 years of experience may be substituted for degree.
- Experience and familiarity with network analytics including Netflow/PCAP analysis.
- Understanding of cyber forensics concepts including malware, hunt, etc.
- Demonstrated understanding of how both Windows and Linux systems are compromised.
- U.S. citizenship required.
- Active Public Trust security clearance.
Nice To Haves
- Experience using Splunk for system data analytics and monitoring strongly preferred.
- Experience performing cyber forensics, malware analysis, cyber hunt, etc. strongly preferred.
- A professional certification such as GCFA, GNFA, GREM, or GCIH is highly desirable.
Responsibilities
- Manage incident triage and coordination with analysis and detection sections to identify and analyze technology and cyber impacts to IT assets, network infrastructure (LAN/WAN), including applying security and ensure proper incident management and coordination.
- Direct continuity of operations for emergency relocation of 24x7x365 operations to include uninterrupted telecommunications, computer systems, cybersecurity, and networks.
- Organizes, supports, and manages the containment, investigation, and remediation efforts in regards to incidences.
- Perform quality assurance of service desk actions and Remedy ticket submissions.
- Monitor, respond, and catalog SOC and SIM emails as applicable.
- Submit Remedy tickets as necessary to assist with keeping the triage console free of backlogs.
- Supports incident response engagements, and partners with other incident response teams in maintaining an understanding of threats, vulnerabilities, and exploits that could impact client networks and assets.
- Monitor and review multiple data sources, including intelligence, media, and law enforcement reporting, to identify cybersecurity incidents, threats, and vulnerabilities.
- Provide classified and unclassified cyber risk briefings and activity updates, to include but not limited to civilian government agencies and community stakeholders.
- May be required to coordinate with external organizations, authorities, and senior level leadership.
Benefits
- Employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Number of Employees
5,001-10,000 employees
