Job Description

Role: Junior Security Operations Center Analyst I

Location: Remote

Duration: 12+ Months Contract

Role Description:

In this role, the Jr. SOC analyst will support a dedicated 24x7x365 operation for a Federal program. The Jr. SOC Analyst will be responsible for monitoring for alerts for potential threats & security anomalies, analyzing content of those alerts & providing a written analysis for each. The analyst will work closely with Tier 2 SOC analysts who will serve as their escalation point.

Position requires:

• Analyzing system and network logs for security events, anomalies, and configuration issues.
• Experience working with SIEM technology to monitor and manage security events.
• Background in incident response, system/network operations and threat intelligence.
• Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability Scanners, and Threat Intelligence Platforms.
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.

• Understanding of possible attack activities such as network reconnaissance probing, DDOS, malicious code activity, etc.
• Experience SOC operations including but not limited to: Alert and notification activities- analysis / triage / response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported Incidents.
• Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
• Experience and ability to use and follow Standard Operating Procedures (SOPs).
• In-depth experience with processing and triage of Security Alerts; from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources.
• Demonstrated experience with triage and resolution of SOC tasks; including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis.
• Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
• Demonstrated experience of the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools.
• Demonstrated proficiencies with an enterprise SIEM or security analytics solution including the Elastic Stack or Splunk.
• Solid understanding and experience analyzing security events generated from security tools and devices not limited to: Crowdstrike and Palo Alto.
• Experience and solid understanding of Malware analysis.
• Understanding of security incident response processes.
• Sec+CE, CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+ **, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+.
• Understanding and experience with Federal Security Standards such as NIST and DoD.

Level of Experience & Preferred Education:

• Bachelor s degree
• Minimum 3 years experience

Nice to Have Skills:

• Understanding and experience with Federal Security Standards such as NIST and DoD.
• Understanding and experience with FedRAMP Cloud Security Requirements.

Clearance:

• Candidate must be able to obtain a current US Federal Public Trust clearance (or higher)

Job Tags

Similar Jobs