SOC Analyst II
Organization: Department of Education
Location: Washington, DC
Labor Category: Tier 1 SOC Analyst
Terms: Full Time Employment
Salary: Based on experience, education and certification
Monitor network traffic for security events and perform triage analysis to identify security incidents.
Respond to computer security incidents by collecting, analyzing, and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements. Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
- The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
- Experience managing cases with enterprise SIEM systems like Arcsight, Splunk or Sourcefire.
- Working knowledge of any of the following tools is required: McAfee EPO, Symantec Endpoint, RSA | Security Analytics, NIKSUN, Wireshark or other information security tools.
- Conduct research on emerging security threats.
- Provide correlation and trending of the Program's cyber incident activity.
- Develop threat trend analysis reports and metrics.
- Support SOC analysis, handling and response activity.
- Maintain situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
- Author Standard Operating Procedures (SOPs) and training documentation when needed. Shift work is required.
- Bachelor's degree or equivalent experience
- 3-4 years in an Incident Responder/Handler role
- Deep packet and log analysis
- Some Forensic and Malware Analysis
- Cyber Threat and Intelligence gathering and analysis
- Must have at least one (1) certification in the field of information security from a respectable security organization. Desirable certifications include, but are not limited to:
- GCIH, GCIA, GCFE, GREM, GCFA, GSEC
- Security+
- CEH, CISSP, CCNA (Security) or equivalent certifications.
- Ability/experience in training and supervising junior analysts.