SOC Mid-Level Analyst

Job Description

ECS is seeking a SOC Mid-Level Analyst to work remotely .

ECS is seeking a Mid-Level SOC Analyst with demonstrated experience supporting the development of processes, procedures, and automations to rapidly ingest, aggregate, correlate, normalize, and analyze event messages to rapidly and assuredly identify and respond to Indicators of Compromise (IoC). The ideal candidate is a critical thinker and perpetual learner who is excited to solve some of our clients' toughest challenges. To be successful the candidate must have experience working in a mature 24x7x365 Security Operation Center.

Shift schedule: Sun-Thu, 11:00PM - 7:00AM ET (subject to change)

Responsibilities include:

• Continuously monitors SIEM and on-premises infrastructure/cloud applications for security events to threats & intrusions, including:
• SIEM alert queue
• Phishing email inbox
• Intel feeds via email and other sources (i.e., US-CERT, MS-ISAC)
• Incident ticketing queue
• Participates with responding to and handling all critical incident activity. Ensure the execution of proper containment, remediation, and recovery activities.
• Assesses and documents lessons learned as part of post-incident review, such as unsuccessful controls, outdated procedures, or incomplete remediation actions.
• Coordinates with SIEM engineering to tune security events and alerts for improving alert fidelity.
• Assists with creating and tuning Security Orchestration and Automation (SOAR) playbooks and automated workflows.
• Performs proactive threat hunting to identify and characterize new emerging threats, vulnerabilities, and risks.
• Works closely with Cyber Threat Intel to provide information on detection patterns for new upcoming threats
• Compiles threat hunt reports as requested on any specific hunt/threat inquiry and disseminate to SOC leadership.

Conducts research and document events of interest within the scope of Cyber Security.

Salary Range: $120,000 - $145,000

General Description of Benefits

Required Skills

• Minimum of 3 years experience conducting analysis of log data in support of intrusion analysis or information security operations.
• Bachelors degree or equivalent with relevant certifications.
• Experience with two or more analysis tools used in a CIRT or similar investigative environment.
• Ability to build content in SIEM system.
• Ability to analyze and triage IoCs.

Desired Skills

• Strong analytical mindset with an open and engaging personality
• Cloud security, threat hunting, security operations
• Knowledge of the Cybersecurity Framework (CSF) and MITRE ATT&CK Framework
• Preferred Certifications (one or more):
• Certified Ethical Hacker (CEH)
• Certified Information System Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• CompTIA Security+
• Computer Hacking Forensic Investigator (CHFI)

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.