SOC Watch Analyst

Location: Washington, DC
Date Posted: 05-23-2017
We are seeking a Cybersecurity Operations Center (SOC) Analyst candidate for a full-time opening in Washington, DC. All applicants must be U.S. Citizens and have an active Top Secret Clearance.
  • Serve as the Cyber Security Operations Center Watch Analyst responsible for collecting and analyzing information collected from a variety of sources to identify, analyze, and report on events to protect information systems and networks from threats.
  • Support the Computer Network Defense (CND) mission by leveraging host and network based protection capabilities and forensic analysis tools
  • Perform the full life cycle of Incident Response activities
  • Perform technical security activities, including:
      • Characterize and analyze security events to identify anomalous activity and potential threats to systems
      • Analyze identified malicious activity to determine exploitation methods and impacts
      • Triage intrusions, malware, and other cybersecurity threats
      • Document, track and escalate cybersecurity incidents
  • Employ best practices when implementing security requirements within an information system
  • Participate in IC Community Shared Resources Working Group.
  • May serve as a technical team or task leader
  • Maintain current knowledge of relevant technology as assigned
  • Respond to cyber incidents as defined in the Incident Response plan and local SOP
  • Participate in special projects as required
Required Skills:
  • 2+ years of SOC Analyst experience
  • Desired candidates hold CEH, GCIA, GCIH, GIAC, CISSP or another security certification
  • Knowledge of common adversary tactics, techniques, and procedures.
  • Experience working with a SIEM, interpreting IDS alerts, and deriving context from event logs
  • Experience analyzing raw packet capture
  • Knowledge of the IC and audit collection policies
  • Ability to communicate in written and oral form
  • Experience reporting IT security events/incidents within the time prescribed by policies and procedures
Desired Skills:
  • Possesses experience supporting the Intelligence Community (IC)
  • Experience analyzing host based security events and indicators
  • Experience analyzing network based security events and indicators
  • Experience working in a SOC and supporting incident response
  • Experience with supporting the Joint Worldwide Intelligence System (JWICS).
  • Knowledge of cloud architecture.
  • Knowledge of virtualization capabilities
  • In-depth experience working with Splunk, ArcSight, McAfee HBSS, EnCase, FTK, SourceFire, BlueCoat, Palo Alto, Snort, and/or FireEye
Clearance Requirements:
Candidate must be a U.S. Citizen with an active Top Secret Clearance. Candidate can start once the "Q" portion of the clearance is received.