• SOC Analyst - Tier 2 - Night Shift

    Job Location US-VA-Herndon
    Posted Date 3 weeks ago (6/27/2018 10:55 AM)
    Job ID
    1648
    Clearance Requirement
    Secret
  • Overview

    Strategic Enterprise Solutions, Inc. (SE Solutions) is a proven, results-focused management and information technology services firm committed to support federal agencies that focus on protecting and defending our nation’s homeland security, intelligence, and stability. In a rapidly changing threat landscape, we have the organizational agility, deep homeland security experience, cultural insight and multidisciplinary expertise to help our customers accomplish today’s mission and anticipate tomorrow’s demands, efficiently and cost-effectively.

     

    SE Solutions IT security professionals support federal agencies in the development and application of comprehensive cybersecurity solutions including risk management, incident response, continuous monitoring, ongoing authorization, security architecture and engineering, and penetration testing. SE Solutions is currently looking for experienced Security Analysts for Tier 2 night shift.

     

    Contributions

    • Security Analysts shall act as a member of a team that provides support to monitor and analyze security events and alerts reported by the SIEM on a 24x7 basis to identify and investigate suspicious or malicious activity, or other events which violate DHS policy.
    • Personnel shall be familiar with analyzing security logs and events from the following types of devices: Firewalls, NIDS, HIDS, Proxy/web filter, vulnerability scans, routers, router IP accounting systems (i.e., Cisco NetFlow), Virtual Private Network (VPN) gateways/concentrators, server event logs, e-mail and host anti-virus, desktop security monitoring agents, Anti-Virus servers, Internet Protocol services (i.e. DNS, DHCP).
    • Personnel shall open a case in the SOC ticket management system for all security investigations performed, or security incidents handled, as part of this service.
    • Security Analysts shall collect and maintain information pertinent to security investigations and incidents in a form which can support current and/or future analysis, situational awareness, and law enforcement investigation efforts.
    • Personnel shall be able to engage and coordinate incident remediation procedures with appropriate IT infrastructure operations and management team (IO&M); i.e. the IT Infrastructure Provider Operations Team, IR Team, Engineering and Architecture Team, etc.; to request additional information during the course of determining, confirming, and validating the veracity of a security event, as required. Analysts shall provide support with the maintenance of all email or any record of correspondence associated with all security events and incident investigations within the SOC ticket management system to serve as an audit trail record.
    • Personnel shall be able to identify and perform initial triage of security feeds outages, and support the remediation by the appropriate IT IO&M team.
    • Personnel shall act as a member of the team that provides 24x7 monitoring and analysis of available sources of threat data (i.e. open source, US-CERT, DHS, FOUO indicators from HSDN, trusted third parties, social media, etc.) to assess the potential risks they may present against the infrastructure.

     

    Qualifications

    MINIMUM EDUCATION AND EXPERIENCE

    • Cybersecurity certifications required (e.g. Security+, GSEC or equivalent).
    • Minimum of three (3) years of experience in incident detection and response, malware analysis, or cyber forensics, with a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.

     

    REQUIRED SKILLS

    • Must possess strong organizational, analytical and attention to detail skills
    • Must have the ability and prior experience with analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes the identification of malicious code present within a computer system as well as identification of malicious activities present within a computer system and/or enterprise network.
    • Must have experience working with a ticket management system to collect, document and maintain information pertinent to security investigations and incidents
    • Must possess excellent verbal and written communications skills and the ability to produce clear and thorough security incident reports and briefings
    • Must possess experience in monitoring the operational status of monitoring components and escalating and reporting outages of the components
    • Must possess a working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also required.
    • Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
    • Must have experience working with various event logging systems and must be proficient in the review of security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting is also required.
    • Must have experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.
    • Must possess experience in collecting and maintaining information pertinent to security investigations and incidents in a format that supports analysis, situational awareness reporting, and law enforcement investigation efforts

     

    About SE Solutions

    Strategic Enterprise Solutions, Inc. (SE Solutions), is a small business serving federal agencies that protect our nation’s security and defend our fellow citizens’ safety. We bring homeland security experience, organizational agility, and multidisciplinary expertise to help our clients respond to a rapidly changing threat landscape, accomplish today’s mission, and anticipate tomorrow’s demands. For more information, visit http://www.sesolutions.com.

     

    We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. SE Solutions participates in the E-Verify program. 
