
Security Operations Center Analyst 2

Pay Range: $32.24 to $42.41 per hour, based on experience

Job Description:
- Investigates and analyzes all response activities related to cyber incidents within the network environment or enclave. Collects data from a variety of Computer Network Defense (CND) tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs, to analyze events that occur within the environment.
- Provides persistent monitoring of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding to, and reporting discovered events. Executes first-level (initial) response and addresses reported or detected incidents. Conducts network and software vulnerability assessments and penetration testing, utilizing reverse engineering techniques.
- Performs vulnerability analysis and exploitation of applications, operating systems, or networks. Identifies the intrusion or incident path and method. Isolates, blocks, or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Analyzes complex software systems to determine both the functionality and the intent of the software.
- Resolves highly complex malware and intrusion issues. Contributes to the design, development, and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. May prepare and present technical reports and briefings. May perform documentation, vetting, and weaponization of identified vulnerabilities for operational use.

Certification and Education Requirements:
- Required: SANS GCIH or GCIA; CISSP
- Bachelor's degree and 2 years of experience, or Master's degree and 0 years of experience.
- Relevant professional certification can be substituted for a bachelor's degree.

Special Requirements:
- Hybrid (may occasionally have to come onsite for training or to support project efforts)
- Onsite: <10%
- First, second, and third shifts are available
- Demonstrated experience performing cybersecurity event analysis/triage in a SOC environment
- Network/systems administration background, preferably across multiple combinations of operating systems, network perimeter devices, and systems; cloud experience is a plus
- Experience with network security tools: SIEM, SOAR, endpoint detection, and forensics appliances, and working knowledge of cybersecurity frameworks such as MITRE ATT&CK and the Cyber Kill Chain
- Self-starter/team player able to work as part of a distributed virtual team
- Coding ability: scripting, Python, PowerShell

Category: Other
