Mid Security Operations Center Analyst II

Mid Security Operations Center Analyst II

We are strictly looking for someone with 5+ years of total experience and someone with certifications listed in the job posting below.
Role Description:
The Security Operations Center Analyst II position will be a member of a dedicated security team within Client Consulting Federal. In this role, the SOC analyst will support a dedicated 24x7x365 operation for a Federal program. The SOC Analyst will provide in-depth analysis of potential security events / anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analyst. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when where and why of a potential security event. When required, the SOC Analyst will assist to coordinate the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents.

Specific job duties include:

• 5+ years of experience working in a 24x7x365 SOC environment
• Analyzing system and network logs for security events, anomalies, and configuration issues.
• Experience working with SIEM technology to monitor and manage security events.
• Job Duty 1 with % of time 50% SIEM Monitoring and security analysis
• Job Duty 2 with % of time -20% Incident Investigation, Analysis, and Reporting
• Job Duty 3 with % of time -10% Vulnerability Analysis
• Job Duty 4 with % of time -10% Ticket Management
• Job Duty 5 with % of time 10% mentoring T1 analysts

Required skills/Level of Experience:

• 5+ years of experience working in a 24x7x365 SOC environment
• Analyzing system and network logs for security events, anomalies, and configuration issues.
• Experience working with SIEM technology to monitor and manage security events.
• Background in incident response, system/network operations and threat intelligence.
• Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability scanners, and Threat Intelligence Platforms.
• Understanding of enterprise environments, specifically cloud-based and hybrid cloud environments.
• Understanding of common cyber intrusion frameworks such as Cyber Kill Chain, Diamond Model, MITRE Telecommunication&CK with the ability to train others
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
• Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc.
• 5+ years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
• Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell
• Experience in two or more of these specialized areas: Insider Threat, Digital media forensic, Monitoring and detection, Incident Response.
• CEH, CFR, CCNA Cyber Ops , CCNA-Security, CySA+ **, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+
• Understanding and experience with Federal Security Standards such as NIST and DoD
• Understanding and experience with FedRAMP Cloud Security Requirements

Security clearance: Able to obtain Public Trust Clearance.