SOC Watch Analyst

Location: Washington, DC
Date Posted: 05-23-2017
We are seeking a SOC Watch candidate for a full time opening in Washington, DC. All applicants must be born in the U.S and have an active Top Secret Clearance.
  • Serve as the Cybersecurity Watch Analyst responsible for analyzing information collected from a variety of sources to identify, analyze, and report on events to protect information systems and networks from threats.
  • Perform technical security activities to include:
    • Characterize and analyze security events to identify anomalous and potential threats to systems
    • Analyze identified malicious activity to determine exploitation methods and impacts
    • Triage intrusions, malware, and other cybersecurity threats
    • Document, track and escalate cybersecurity incidents 
  • Comment on new ODNI/NIST standards / regulations as applies to client environment
  • Employ best practices when implementing security requirements within an information system. 
  • Participate in IC Community Shared Resources Working Group.
  • May serve as a technical team or task leader.
  • Maintains current knowledge of relevant technology as assigned.
  • Respond to cyber incidents as defined in Incident Response and local SOP.
  • Participates in special projects as required.
Required Skills:
  • 10 years of cyber security experience with a Bachelor’s Degree in a technical field.
  • 2+ years of SOC Analyst experience
  • Desired Candidates have CISSP or other security certification.
  • Knowledge of common adversary tactics, techniques, and procedures.
  • Experience working in a SIEM, interpreting IDS alerts, and deriving context from event logs
  • Candidates must have the following experience and knowledge:
    Knowledge of the IC and audit collection policies.
  • Possess effective interpersonal and presentation skills as he/she operates in a client-facing role.
  • Possess the ability to communicate in written and oral form.  Publication or presentation experiences a plus.
  • Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures.
Desired Skills:
  • Possesses experience supporting the Intelligence Community (IC)
  • Experience analyzing host based security events and indicators
  • Experience analyzing network based security events and indicators
  • Experience working in a SOC and supporting incident response
  • Experience with supporting the Joint Worldwide Intelligence System (JWICS).
  • Knowledge of cloud architecture.
  • Knowledge of virtualization capabilities
Clearance Requirements:
Candidate must be a Natural Born U.S Citizen with an active Top Secret Clearance. Candidate can start once the "Q" portion of the clearance is received
this job portal is powered by CATS