Fed: SOC Analyst (Splunk, IDS / IPS, SIEM, Incident) - Interim / Secret Clearance

SIEM, Splunk
Full Time
Depends on Experience
Work from home available

Job Description

(W2 only; must have an active Interim / Secret clearance.) Please note that this position is with a Fed Agency and requires an active Secret, TS, or Interim clearance. Candidates must be able to work on W2 due to the clearance requirement.

Client: Federal Agency
Shift and days: 2 days on-site (any two Wed to Sat - 2 days tele-work)
Location: Sterling, VA (Hybrid Schedule, 3 days onsite and 1 day telework)
Shift: Wed to Sat (10PM to 8AM)
Interview: Phone or web
Clearance: Active Interim / Secret or higher

Intermediate Security Analyst / Engineer (Preferred tools: SIEM, Splunk, IPS/IDS)
Five (5) years of experience in IT and 3 years in Information System Security/Cyber Security/Computer Forensics, or Insider Threat.
Work experience and knowledge in: network monitoring and intrusion detection using host-based and network-based intrusion detection systems (IDS) and log management applications; testing, installing, patching, and upgrading computer hardware and operating systems (Windows and UNIX) in an enterprise environment; identifying, collecting, processing, documenting, and reporting cyber security/incident response events; architecting, engineering, developing, and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications.
Experience with SIEM tools, information system security, cyber security, computer forensics, insider threat, information certification & accreditation regulations, Federal standards, industry best practices and guidelines.
Experience using SIEM tools like SourceFire, Splunk, NetWitness, Guidance Software, Digital Guardian, Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios, Intelliview, Nessus and Foundstone.

BS/BA in Computer Science, Information Systems Engineering, Business, Physical Science, or other technology-related discipline.

EDUCATION SUBSTITUTION:
Certificates such as Microsoft’s MCSE, or Cisco’s CCNA, CCDA or CCIE, may be considered equivalent to two (2) years of general experience / information technology experience.
The CISSP certificate may be considered equivalent to two (2) years of information security experience.
Dice Id : 90907789
Position Id : 6975355
Originally Posted : 1 year ago