NorthHill Technology Resources has opportunities for Tier 2 SOC Analysts to support a Federal Program in Washington, DC.
The SOC Analysts (Tier II) will be members of high-tech, state-of-the-art Security Operations Centers and will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and provide proactive threat research. The Security Analysts will utilize the latest security technology and be at the forefront of incident response on site at our Federal Government client.
Responsibilities and Duties
· Monitor network traffic for security events and perform triage analysis to identify security incidents
· Respond to computer security incidents by collecting, analyzing, and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements
· Work closely with the other teams to assess risk and provide recommendations for improving our security posture
· Take the lead on incident research when appropriate and mentor junior analysts
· Write concise summaries describing incidents and brief Government and Contractor management
· Work with the Microsoft Office suite of tools (Word, Excel, PowerPoint, Visio) to document, enrich, automate, and report based on established SOC procedures
· Write professional and clear email communications that represent the SOC to clients across the Program
· Working knowledge of any of the following tools is required: McAfee ePO, RSA Security Analytics|Archer, Zscaler, Wireshark, Splunk, or other information security tools
· Conduct research on emerging security threats
· Provide correlation and trending of the Program’s cyber incident activity
· Develop threat trend analysis reports and metrics
· Support SOC analysis, handling, and response activity
· Maintain situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents
· Author Standard Operating Procedures (SOPs) and training documentation when needed; regularly review, revise, and improve existing documentation in collaboration with Documentation Specialists
· Take ownership of multiple projects at a time and move them forward without neglecting any single one; roadblocks to success are identified, documented, communicated, and worked through with available resources
· Minimum of 4 years of IT experience, with at least 3 years in a security operations center or incident response role
· Self-motivated and able to work in an independent manner
· Must have at least one (1) certification in the field of information security from a respected security organization. Desirable certifications include, but are not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, Security+, CEH, CISSP, CCNA (Security), or equivalent certifications
· Candidate must be willing to work an 8:30 AM to 5:00 PM shift on site, Monday through Friday
· Minimum of 3 years in an Incident Responder/Handler role and a minimum of 5 years in related Information Technology Security fields
· Deep packet and log analysis experience
· Forensic and malware analysis experience
· Cyber threat intelligence gathering and analysis experience
· Must be able to communicate effectively both verbally and in writing in the English language
· Must maintain professional behavior that enhances productivity and promotes teamwork and cooperation
· Must be able to interface effectively with individuals at all levels of the organization both verbally and in writing
· Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously
· Must work well under pressure to meet deadline requirements
· Must be a US citizen
Education & Experience Requirements
· Bachelor’s degree or comparable experience
· 4-6 years of experience in Cyber Security