Security Administrator/Tier II


On Site
0 to 0
Full Time
No Travel Required


CompTIA Security+
Incident response
Intrusion detection

Job Details


Business Operational Concepts (BOC) is a recognized leader in providing Technical and Program Management Services, Information Technology, and Support.

BOC has enabled their Government and Commercial clients to achieve their organizational initiatives through the application of high quality, innovative, and cost-effective professional services and solutions. We provide a positive working environment, with opportunities for advancement in our growing Federal sector workforce.

We offer an excellent compensation package which includes a generous salary, insurance (medical, dental, etc.), paid leave, 401k plan and more. We are committed to the diversity we bring to the marketplace and believe customer satisfaction comes first.


Business Operational Concepts (BOC) is currently seeking a Security Administrator/Tier II to work with our government client.

The ideal candidate for this job will serve as a Senior Cyber Analyst within the federal clients Security Operations Center. A highly motivated individual with strong technical, communication, and organizational skills will succeed on this program.

The goal of the Security Operations Center (SOC) team is to proactively monitor, identify, and remediate information technology security vulnerabilities and intrusions. The team, as the initial point of contact and triage, needs to ensure that all operational security controls are appropriately applied and managed and that systems within the control of the SOC have appropriate security controls in place in accordance with the Federal Information Security Management Act (FISMA). To accomplish this goal, the security team is responsible for a broad suite of security technologies that include vulnerability scanning, malware detection, log file analysis, enterprise-wide incident response and security information and event management (SIEM) tools. The analyst will be responsible for continuous surveillance, analysis, mitigation, remediation and incident management using the client s current SOC suite of tools.



* Intrusion detection

* Cyber threat hunting

* Cyber incident ticketing and response

* Analyze PCAPs

* Perform cyber investigations and analysis

* Ability to proficiently utilize the client s wide variety of security tools including:

* Akamai Web Application Firewall

* ArcSight HP

* HP TippingPoint

* Websense Web, Email, and DLP

* Cylance Protect

* Xceedium

* Tripwire IP360, CCM, and Enterprise

* SolarWinds

* LANDesk

* Symantec Endpoint Protection

* Splunk Enterprise

* EnCase Enterprise

* Bit9 Carbon Black

* ForcepointWeb, Email, and DLP

* SentinelOne

* Palo Alto

* RSA Security Analytics/NetWitness

* ForeScout CounterACT

* Remedy

* Documentation of all activities, per requirements of audits

* Reporting generating and creating metrics for upper management


Required (Minimum) Qualifications Education, Certification, Experience, and Skills

* Excellent analytical and problem-solving skills. Ability to work cohesively with the team, as well as independently to identify errors, and pinpoint root causes.

* Ability to investigate and evaluate network traffic, read and interpret logs and packets.

* Handle user reported cases of potential phishing campaigns.

* Research and analyze wide variety of commodity and APT based malware and techniques.

* Search our existing infrastructure for signs of malware and malicious events not detected by our existing security controls.

* Utilize industry standard network and host forensic tools in order to fully understand the scope of an incident (sandbox, etc.).

* Ability to analyze data from various sources over time and create a clear narrative of observed behavior in writing and verbally.

* Ability to multitask with a high degree of accuracy.

* Outstanding communication skills. Strong mastery of professional level English. Ability to communicate with senior management and federal client staff both technical and non-technical in a clear and concise manner using proper spelling, punctuation and grammar.

* Desire to not only work and learn from co-workers, but to also act as mentor at times.

* High level expertise in Word, Excel, PowerPoint and Outlook.

* Moderate-level understanding of basic computer and networking technologies

* TCP/IP stack

* Windows operating systems

* Networking technologies (routing, switching, VLANs, subnets, firewalls)

* Common networking protocols SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc.

* Common enterprise technologies Active Directory, Group Policy, VMware vSphere

* Basic-level understanding of IT security principles, technologies, best practices, and NIST guidance

* Logical Access Control

* PKI and other encryption methods

* Network-based and host-based IDS/IPS

* CompTIA Security+

* Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)

* Microsoft Certified: Azure Fundamentals (AZ-900)

Preferred Qualifications Education, Certification, Experience, Skills, Knowledge, and Abilities

* Interest in security/hacking culture. Ability to think like an attacker

* A continued desire to obtain additional education and certifications.

* Desired Certifications (any of the following)

* Network+

* Microsoft Certified: Security Operations Analyst Associate (SC-200)

* CySA+

* CASP (CompTIA Advanced Security Practitioner)

* CEH (Certified Ethical Hacker)

* CISSP (Certified Information Systems Security Professional)

* SSCP (Systems Security Certified Prationer)