SOC Analyst
4 weeks ago
Job Title: SOC Analyst
Location: Crownsville, MD (100% onsite)
Job Type: Long term contract - ONSITE
Interview Mode: Video
Duties and Responsibilities:
- Monitor, protect, and defend the enterprise perimeter against malicious network traffic.
- Monitor, protect, and defend internal networks and hosts against ongoing and emerging threats.
- Enrich monitoring logs with contextual operational data from functional areas, correlate events, and identify security issues, threats, and vulnerabilities.
- Conduct security event analysis and validation, triage validated incidents, perform initial containment where feasible, research the incident and enrich the incident case documentation, and escalate the incident for further analysis, containment, and eradication.
- Review and analyze threat intelligence, and proactively search application, system, and network logs to hunt for and thwart identified threats.
- Prepare and perform shift handover briefing to communicate completed and pending activities, and relay situational awareness information.
- Contribute to the development and maintenance of SOC Standard Operating Procedures (SOPs) and Concept of Operations (CONOPS) to establish and continuously improve the organization's operating knowledge base.
- Participate in post-incident activities and contribute to lessons learned to improve security operations.
- Support the preparation of management threat reports, briefings, and recommendations.
- Provide sound technical recommendations that enable remediation of security issues.
- Partner with security engineering to develop and refine SIEM correlation rules.
- Utilize advanced threat models, SIEM use cases, and incident response playbooks.
Required Skills and Qualifications:
- Bachelor's degree from an accredited college or university with a major in computer science, information systems, engineering, business, or a related scientific or technical discipline. Master's degree preferred.
- CompTIA CySA+ or CompTIA Security+ (or another relevant IAT Level II/III certification), along with one of the following:
- CEH
- CFR
- CCNA Cyber Ops
- CCNA-Security
- GCIA
- GCIH
- GICSP
- Cloud+
- SCYBER
- PenTest+
- Experience analyzing intrusion events such as phishing emails, malware, privilege misuse, traffic indicating potentially malicious activity (e.g. DoS/DDoS, brute force), and data loss through exfiltration or inadvertent disclosure.
- Applied experience with threat analysis models/frameworks such as the Cyber Kill Chain, MITRE ATT&CK, the Diamond Model, and the Pyramid of Pain.
- Working knowledge of advanced threat Tactics, Techniques and Procedures (TTPs).
- Applied experience with network traffic analysis using tools such as Wireshark.
- Applied experience with a variety of open-source threat research tools/platforms such as VirusTotal.
- Working knowledge of network and security architecture principles such as defense-in-depth
- Experience with proprietary security protection/detection tools such as firewalls, host and network IDS/IPS, anti-virus, EDR, URL filtering gateways, email filtering gateways, DLP tools, and SIEM platforms such as Splunk.
- Capable of working independently, establishing priorities, and managing task completion within set SLAs.
- Able to communicate effectively through writing, speaking, and presenting to client technical representatives.
- Team player capable of productively contributing to the client mission by supporting fellow teammates in a dynamic, growing, and changing environment.
Desired Skills and Qualifications:
- Experience with mid-to-advanced-level malware analysis.
- Experience creating detailed queries and scripts, such as regular expressions, for log, event, and correlation analysis.
- Experience scripting in Python, PowerShell, or VBScript.