| SOC ANALYST (CYBER SECURITY ) || Onsite || VA || No h1b OR Cpt at Remote, Remote, USA |
| Email: [email protected] |
| From: GUNJAN, PINAKA STAFFING [email protected] Reply to: [email protected] Role- SOC Analyst 100% ONSITE Client:- State of VA, Department Of Defence Job Description: HOW A CYBER SECURITY SOC ANALYST WILL MAKE AN IMPACT: Must have strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis Experience and ability to analyze information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response. Must be knowledgeable and have hands-on experience with Splunk Security Information and Event Management (SIEM) System. Monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting. Strong logical/critical thinking abilities, especially analyzing security events (windows event logs, network traffic, IDS/IPS events for malicious intent). Excellent organization and attention to details in tracking activities within various Security Operation workflows. A working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.). Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment. Experience with one or more of the following technologies Network Threat Hunting, Big Data Analytics, Endpoint Threat Detection and Response, SIEM, workflow and ticketing, and Intrusion Detection System. Provide Cyber Security/Threat Hunting expertise and deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools Assess data from multiple sources and navigates the cyber terrain to identified suspicious behavior Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts Demonstrate systems experience using Security Information and Event Management (SIEM) and and Incident Response analysis Knowledge of Network Intrusion Detection System/Intrusion Prevention Systems (NIDS/IPS) as well as Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS) Knowledge of Security Orchestration Automation and Response (SOAR), Endpoint and Network Detection and Response (EDR/NDR) and User Behavior Analytics (UBA) Ability to demonstrate strong analytical and problem-solving, and also leverage interpersonal, organizational, writing, communications, and briefing skills WHAT YOU'LL NEED TO SUCCEED: Education: BS/BA degree or equivalent work experience and technical certs/training. Required Experience: 8+ years of related experience in Cyber Security, Security Operation Center (SOC) Analysis and Threat Hunting. Required: DoD 8570 certs: CEH cert is required but will also consider GSOC, CFR, GCIH, GCIA and/or GSEC, CSSP Analyst - required to Start (CEH, CFR, CCNA Cyber Ops, CySA+**, GCIA, GCIH, GICSP, SCYBER) ship Required due to the TS/SCI clearance requirement. Required Skills and Abilities: Communication, presentation, problem solving, analytical skills, detail oriented, and knowledge of server and client operating systems. Required Technical Skills: Cyber Security SOC Analysis Tier II/III and Threat Hunting work experience. Working knowledge of Splunk Enterprise Security, Palo Alto, RSA Netwitness Full Packet Capture (PCAP) system, Cisco Firepower IPS, and Crowdstrike EDR. Security Clearance Level: Active TS/SCI required Preferred Skills: Knowledge of current and emerging threats/threat vectors, and vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins) Location: On Customer Site in Newington VA, Monday through Friday, 1st shift only. No weekends or nights. Keywords: business analyst Virginia SOC ANALYST (CYBER SECURITY ) || Onsite || VA || No h1b OR Cpt [email protected] |
| [email protected] View all |
| Tue Oct 22 21:57:00 UTC 2024 |