SOC Operations Analyst

About The Position

Requirements

• 5 years of experience with Splunk Enterprise Security.
• Must be willing to work a shift schedule: Wed-Sat 6am-4pm.
• Must be a U.S. Citizen.
• An active DoD Top Secret clearance with SCI eligibility is required.
• Ability to maintain a Top Secret clearance with SCI eligibility during employment.

Nice To Haves

• Microsoft Sentinel
• GIAC Continuous Monitoring Certification (GMON)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Network Forensic Analyst (GNFA)

Responsibilities

• Monitoring computer networks for security issues.
• Investigating security breaches and other cybersecurity incidents.
• Documenting security breaches and assessing the damage they cause.
• Performing tests and uncovering network vulnerabilities, such as penetration testing.
• Fixing detected vulnerabilities to maintain a high-security standard.
• Recommending best practices for IT security.
• Installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Conducting analysis, confirming intrusion information, and creating a forensically sound duplicate of the files.
• Decrypting data and providing technical summaries and input.
• Examining recovered data for relevant information and performing dynamic analysis to include timeline, statistical, and file signature analysis.
• Performing real-time cyber defense handling tasks to support deployable Incident Response Teams (IRTs).

Benefits

• Continuing-education opportunities
• Robust training programs
• "People First" benefits package