Overview
Remote
Depends on Experience
Contract - W2
Contract - Independent
Contract - 12 Month(s)
Skills
Intrusion Detection
Documentation
FedRAMP
GCIA
GCIH
Incident Management
Issue Tracking
Computer Forensics
Cyber Security
Digital Media
DoD
Document Review
Bash
Certified Ethical Hacker
SIEM
Security Operations
Security+
Network
Network Operations
Penetration Testing
Python
Recovery
Reporting
Cisco Certifications
Cloud Computing
Cloud Security
Visual Basic
Vulnerability Assessment
Malware Analysis
Management
System On A Chip
Threat Analysis
Tier 1
Windows PowerShell
Job Details
Job Title:- Sr. Security Operations Center Analyst
Location:- Remote
Duration:- Contract
Role Description:
The Security Operations Center Analyst III position will be a member of a dedicated security team. In this role, the SOC analyst will support a dedicated 24x7x365 operation for a federal program. The SOC Analyst will provide in-depth analysis of potential security events / anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analysts. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where and why of a potential security event. When required, the SOC Analyst will assist to coordinate the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents. The SOC Analyst will support regular reviews and updates of security documentation. The SOC Analysts will conduct proactive threat hunting to identify and mitigate potential risks.
The Security Operations Center Analyst III position will be a member of a dedicated security team. In this role, the SOC analyst will support a dedicated 24x7x365 operation for a federal program. The SOC Analyst will provide in-depth analysis of potential security events / anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analysts. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where and why of a potential security event. When required, the SOC Analyst will assist to coordinate the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents. The SOC Analyst will support regular reviews and updates of security documentation. The SOC Analysts will conduct proactive threat hunting to identify and mitigate potential risks.
Specific job duties include:
Perform alternating shift work on a 24x7x365 Security Monitoring, Analysis and Response.
Support incident investigations, response, and reporting.
Security Reporting.
Vulnerability Analysis.
SOC ticket queue management.
Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
Security documentation review and updates.
Proactive threat hunting.
Perform alternating shift work on a 24x7x365 Security Monitoring, Analysis and Response.
Support incident investigations, response, and reporting.
Security Reporting.
Vulnerability Analysis.
SOC ticket queue management.
Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
Security documentation review and updates.
Proactive threat hunting.
Position Requirements:
Bachelors + minimum 7 years of relevant work experience.
5+ years of experience working in a 24x7x365 SOC environment.
Analyzing system and network logs for security events, anomalies, and configuration issues.
Experience working with SIEM technology to monitor and manage security events.
Background in incident response, system/network operations and threat intelligence.
Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability scanners, and Threat Intelligence Platforms.
Understanding of enterprise environments, specifically cloud-based and hybrid cloud environments.
Understanding of common cyber intrusion frameworks such as Cyber Kill Chain, Diamond Model, MITRE ATt&CK with the ability to train others.
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc.
5+ years of experience in the areas of incident detection and response, remediation malware analysis, or computer forensics.
Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell.
Experience in two or more of these specialized areas: Insider Threat, Digital media forensic, Monitoring and detection, Incident Response.
Security +, CEH, CFR, CCNA Cyber Ops , CCNA-Security, CySA+ **, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+.
Understanding and experience with Federal Security Standards such as NIST and DoD.
Understanding and experience with FedRAMP Cloud Security Requirements.
Bachelors + minimum 7 years of relevant work experience.
5+ years of experience working in a 24x7x365 SOC environment.
Analyzing system and network logs for security events, anomalies, and configuration issues.
Experience working with SIEM technology to monitor and manage security events.
Background in incident response, system/network operations and threat intelligence.
Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability scanners, and Threat Intelligence Platforms.
Understanding of enterprise environments, specifically cloud-based and hybrid cloud environments.
Understanding of common cyber intrusion frameworks such as Cyber Kill Chain, Diamond Model, MITRE ATt&CK with the ability to train others.
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc.
5+ years of experience in the areas of incident detection and response, remediation malware analysis, or computer forensics.
Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell.
Experience in two or more of these specialized areas: Insider Threat, Digital media forensic, Monitoring and detection, Incident Response.
Security +, CEH, CFR, CCNA Cyber Ops , CCNA-Security, CySA+ **, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+.
Understanding and experience with Federal Security Standards such as NIST and DoD.
Understanding and experience with FedRAMP Cloud Security Requirements.
Level of Experience & Preferred Education:
7 years of professional experience, or more.
Bachelor's degree, or higher.
7 years of professional experience, or more.
Bachelor's degree, or higher.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.