• Tier 2 Security Operations Center (SOC) Analyst

    Job Location US-DC-Washington
    Posted Date 6/21/2018 2:50 PM
    Job ID 1657
    Clearance Requirement Secret
  • Overview

     

    Strategic Enterprise Solutions, Inc. (SE Solutions) is a proven, results-focused management and information technology services firm committed to supporting federal agencies that focus on protecting and defending our nation’s homeland security, intelligence, and stability. In a rapidly changing threat landscape, we have the organizational agility, deep homeland security experience, cultural insight, and multidisciplinary expertise to help our customers accomplish today’s mission and anticipate tomorrow’s demands, efficiently and cost-effectively.

     

    We are looking for a Tier 2 Analyst to join our SOC engineering team.

    Contributions

     

    The Cyber Security Analyst should be experienced, inquisitive, and able to research new, highly technical subjects.

    • Identify and dissect highly targeted attacks and other suspicious activity using a variety of network-based tools.
    • Provide accurate and rapid written reporting of in-depth technical analysis results.
    • Research and deep-dive into potential exploitation methods.
    • Identify and analyze network security appliance logs.
    • Hunt for activity that is not normally detectable by security appliances.
    • Provide mitigation suggestions in the context of a security incident, as they relate to the technical analysis of malware or other attack artifacts.
    • Perform independent research to better understand complex technical problems.
    • Provide oral briefings on complex technical subjects to senior management and other non-technical audiences.
    • Provide open-source Indicators of Compromise (IOCs).
    • Detect APT activity based on established TTPs.

    Desired Skills:

    • Network Forensics Analysis
      • Experience with log correlation utilities such as Splunk, ArcSight, or Elasticsearch
      • Experience reviewing network traffic logs to identify malicious activity
      • Experience reviewing and hardening network configuration
      • Experience with Snort or other network-based signature development
      • Monitoring using commercial tools
      • Bro scripting experience is a big plus
    • Static Binary Analysis
      • Use of industry-standard tools
      • Experience with one or more programming languages, preferably at least one high-level and one low-level language. Examples include Python, Java, C, and x86 assembly
      • Proficient with analysis/triage of Windows malware to obtain technical indicators
    • Dynamic Binary Analysis
      • Experience with Disassemblers and Debuggers
      • Proficient with analysis/triage of Windows malware to obtain technical indicators
    • Host Forensic Analysis
      • Experience with tools like EnCase, FTK, Volatility
      • Experience with Yara, OpenIOC, or other host-based signature development
      • Experience across multiple platforms (Windows, Linux, Mac, iOS, Android)

    Qualifications

     

    • Bachelor’s degree
    • 6 years of overall experience, with at least five years collecting, synthesizing, fusing, or authoring unclassified and classified cyber threat intelligence products.
