SOC Analyst / Splunk Administrator

Job#: 2072936

Job Description:

Apex Systems is seeking a SOC Analyst / Splunk Administrator to work partially remote and will be expected onsite in Washington, D.C. for 1 day per week.

Summary:

This position is a hybrid position designed to bridge SOC Analysis with Splunk Engineering and Content Creation. The candidate should have competency with administering Splunk, creating custom content with SPL, data administration in a SIEM, and performing security investigations through Splunk ES.?

The mid-tier candidate will have a solid understanding of cyber threats and information security in the domains of TTP's, Threat Actors, Campaigns, and Observables and be proficient administering Splunk and creating Splunk dashboards and notables.?

Additionally, the ideal candidate would be familiar with tools commonly deployed in a SOC environment such as intrusion detection systems, intrusion analysis systems, security information event management platforms (SIEM), endpoint threat detection tools, and security operations ticket management.?

Requirements:?

?
• Minimum 2-5 years of experience in network defense environments.?
• Splunk Admin Certification?a must, will substitute 15+ years of experience for certification
• Strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.?
• Prior experience and ability with analyzing information technology security events to discern true positive incidents from false positive events. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response.?
• Hands-on experience with managing and optimizing Splunk Enterprise Security including configuring and maintaining Splunk infrastructure.
• Hands on experience with managing data sources, data alignment, and data curation. This includes troubleshooting missing events, working with data source owners to onboard new data sources and/or troubleshoot existing ones.?
• Hands on experience with dashboard and notable creation - visualizations, report generation, and general content creation.?
• Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.?
• Strong logical/critical thinking abilities, especially analyzing security events from host and network event sources e.g., windows event logs, AV, EDR, network traffic, IDS events for malicious intent).?
• Excellent organizational abilities and attention to details in tracking activities within various Security Operation workflows.?
• A working knowledge of the various operating systems (e.g., Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).?
• Experience with the identification and implementation of countermeasures or mitigating controls for deployment and implementation in the enterprise network environment.?
• Strong written and verbal communication skills.?

Desired Qualifications:?

• An understanding in researching Emerging Threats and recommending monitoring content within security tools.?
• Experience with one or more of the following technologies, specific tools: FireEye, Palo Alto, full MS O365 suite (compliance center).?
• Relevant certifications: Security+,?CySA+, GCIA, GCIH, or similar.?
• Experience with scripting or automation.?
• Familiarity with cloud security monitoring (e.g., AWS, Azure).?

Education:?

• BS degree preferred

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.