SOC Analyst
Apex Systems
Job Description
Job#: 3009837

Overview

Seize your opportunity to make a personal impact as a SOC Analyst supporting a DOD customer. Our client is your place to make meaningful contributions to challenging projects and grow a rewarding career. At our client, people are our differentiator. As a SOC Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a SOC Analyst joining our team to defend the customer’s multi-domain, on‑prem and cloud environments.

How a SOC Analyst Will Make an Impact

- Interacts with the team daily to deliver on the customer’s requirements.
- Communicates with the team and other work centers to secure the customer’s cloud and on‑prem environments.
- Able to work on a team that supports a mission-focused customer with high expectations.
- Triages and resolves events and incidents, successfully defending the customer’s environments with multiple boundaries.
- Utilizes technical knowledge, interpersonal skills and grit to solve challenging operational requirements.
- Provides Cyber Security Threat Hunting expertise and deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services.
- Proactively searches for and identifies indicators of compromise and anomalous behavior indicative of malicious activity that has not yet met the event/incident threshold or has not been detected by automated security tools.
- Assesses data from multiple sources and navigates the cyber terrain to identify suspicious behavior.
- Provides input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
- Identifies potential conflicts with the implementation of any CND tools within the enterprise and develops recommendations to remediate these conflicts.
- Demonstrates systems experience using Security Information and Event Management (SIEM) and Incident Response analysis.
- Knowledge of Network Intrusion Detection System/Intrusion Prevention Systems (NIDS/IPS) as well as Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
- Knowledge of Security Orchestration, Automation and Response (SOAR), Endpoint and Network Detection and Response (EDR/NDR), and User Behavior Analytics (UBA).
- Ability to demonstrate strong analytical and problem‑solving skills, and to leverage interpersonal, organizational, writing, communications, and briefing skills.
- Ability to work within a team environment to meet security challenges by documenting requirements, researching solutions, and providing recommendations for resolution.
- Will use experience developing in Bash, Perl, Shell, PowerShell, SQL, D3, HTML, XML, CSS, Java and/or Python scripts, and experience writing Splunk queries in Splunk Programming Language (SPL).
Education: Bachelors Required
Experience: 5+ years Required
Technical Skills: Security+, CEH
Security Clearance Level: TS/SCI Required
Skills and Abilities: Effective communication, problem solving, attention to detail
Preferred Skills: Splunk Enterprise Security, Admin, Splunk Programming Language, AWS Security, User Behavior Analytics, Endpoint Detection & Response, Network Detection and Response, Intrusion Detection System, Intrusion Prevention Systems
Location: On Customer Site
Citizenship Required: US Citizenship