SOC Analyst

Location: Fort Meade, United States
Company: Gridiron IT
Employment type: Full time
GridIron IT is seeking a SOC Analyst local to Ft. Meade, MD.

Secret or Top Secret Clearance REQUIRED to start.


PRIMARY RESPONSIBILITIES:
• Provide SOC Tier 2 services: 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents.
• Monitor and respond to events and alerts from the SIEM and other network tools, investigating events of interest and escalating to senior NOC / SOC members.
• Identify and track vulnerabilities using the provided scan engines and report on their remediation progress.
• Work closely with both on-site and remote users to coordinate site visits and upgrades, provide on-site and remote resolution support for trouble calls, and provide Tier 2/3 support of production systems.
• Categorize incidents and events, and collaborate with appropriate authorities in the production of security incident reports.
• Coordinate with other DISA organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events.
• Build timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions.
• While not in a period of incident response, conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident.
• Provide cybersecurity root-cause analysis in support of any ticket that fails to meet the Acceptable Quality Levels (AQLs). This root-cause analysis will include documenting recommendations for corrective action.
• Perform systems administration of desktop and server systems connected to local and wide area networks.

BASIC QUALIFICATIONS:
• Bachelor's degree and 4+ years of relevant experience; additional years of experience may be substituted in lieu of a degree.
• Must have an active DoD IAT Level II certification (e.g., Sec+) prior to start.
• Systems administration experience with desktop and server systems connected to local and wide area networks.
• Troubleshooting skills and knowledge of a troubleshooting methodology.
• Knowledge management skills to follow and create documentation.

PREFERRED QUALIFICATIONS:
• Certifications such as CySA, CEH, GCIA, or GCIH.
• Experience with enterprise antivirus solutions.
• Experience with vulnerability scanners.