SOC Operations Analyst / Public Trust
About The Position
Peraton is seeking to hire an experienced SOC Operations Analyst for its' Federal Strategic Cyber programs. This role involves managing incident triage, coordinating with analysis and detection sections, and analyzing the impact of cyber events on IT assets and network infrastructure. The analyst will ensure proper incident management and coordination, direct continuity of operations for emergency relocation of 24x7x365 operations, and organize containment, investigation, and remediation efforts. Responsibilities also include performing quality assurance of service desk actions, monitoring SOC and SIM emails, submitting Remedy tickets to manage backlogs, and supporting incident response engagements. The analyst will partner with other incident response teams to maintain an understanding of current threats, vulnerabilities, and exploits. Additionally, the role involves monitoring multiple data sources for cybersecurity incidents, threats, and vulnerabilities, and providing cyber risk briefings to government agencies and stakeholders. Coordination with external organizations, authorities, and senior leadership may be required.
Requirements
- Bachelor’s degree and a minimum of 5 years’ experience required. An additional 4 years of experience may be substituted for degree.
- Experience and familiarity with network analytics including Netflow/PCAP analysis.
- Understanding of cyber forensics concepts including malware, hunt, etc.
- Understanding of how both Windows and Linux systems are compromised.
- U.S. citizenship required.
- Active Public Trust security clearance.
Nice To Haves
- Experience using Splunk for system data analytics and monitoring strongly preferred.
- Experience performing cyber forensics, malware analysis, cyber hunt, etc. strongly preferred.
- A professional certification such as GCFA, GNFA, GREM, or GCIH is highly desirable.
Responsibilities
- Manage incident triage and coordination with analysis and detection sections to identify and analyze technology and cyber impacts to IT assets, network infrastructure (LAN/WAN), including applying security and ensure proper incident management and coordination.
- Direct continuity of operations for emergency relocation of 24x7x365 operations to include uninterrupted telecommunications, computer systems, cybersecurity, and networks.
- Organizes, supports, and manages the containment, investigation, and remediation efforts in regards to incidences.
- Perform quality assurance of service desk actions and Remedy ticket submissions.
- Monitor, respond, and catalog SOC and SIM emails as applicable.
- Submit Remedy tickets as necessary to assist with keeping the triage console free of backlogs.
- Supports incident response engagements, and partners with other incident response teams in maintaining an understanding of threats, vulnerabilities, and exploits that could impact client networks and assets.
- Monitor and review multiple data sources, including intelligence, media, and law enforcement reporting, to identify cybersecurity incidents, threats, and vulnerabilities.
- Provide classified and unclassified cyber risk briefings and activity updates, to include but not limited to civilian government agencies and community stakeholders.
- May be required to coordinate with external organizations, authorities, and senior level leadership.
Benefits
- Employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
