Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Tier 1 SOC Analyst
Company Zeneth Technology Partners, LLC
Location Washington, DC
Preferred GIAC Certifications GSEC, GCIH
Travel 0%
Salary Not provided
URL https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=88964daf-e96e-40e1-8670-8ad0ab72df6b&ccId=19000101_000001&type=JS&lang=en_US
Contact Name Melanie Bikowski
Contact Email melanie.bikowski/at/zeneth.com
Expires 2021-06-18

Job Description

Company Description

Zeneth Technology Partners is a top-rated cyber security firm. We are passionate about providing excellent service to our clients both government and commercial. Our collaborative environment encourages creativity, growth, and community, which allows you to have the opportunity to initiate and contribute to challenging projects, while continuing to grow in your professional career. Bring us your creativity, innovation, and your relentless focus on customer service and join a cyber security team at its best!

Job Overview

Candidate is applying for a Tier 1 Analyst to provide Onsite and Offsite support in the Northern Virginia area. The SOC Analysts (Tier I) will be members of high-tech state of the art Security Operations Centers and will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and will provide proactive threat research. The SOC Analyst will utilize the latest in security technology and be on the fore-front of incident response on site at our Federal Government Client.

This position is second shift, Monday - Friday

Responsibilities and Duties

• Provide Tier I support by analyzing network traffic and various log data to determine the threat/impact against the network, recommending appropriate countermeasures, facilitating the tracking, handling, and reporting of all security events and computer incidents.
• Remediate and apply lessons learned to security incident investigation and resolution.
• Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure.
• Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases.
• Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center.
• Create custom tool content to enhance capabilities of security operations teams.
• Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure.
• Perform Security Incident Management aligned with NIST standards. Technical writing experience:
• Standard Operating Procedures
• Concept of Operations (CONOPS)
• Incident Response Plans
• Training Exercises
• Tool configurations and content creation

Qualifications

• 1-3 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
• Bachelors’ degree in Computer Science, Information Technology or related technical field. Additional years of experience can be substituted for a degree.
• Experience with Security Information and Event Management (SIEM) Systems, Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, and large Enterprise or Cloud environments.
• Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution.
• Good interpersonal skills to interact with customers, team members and support personnel.
• Strong analytical and problem solving skills for investigating security issues.Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK).
• At least one active security certification
• Experience with one or more of the following tools:
• Azure Advanced Threat Analytics
• Azure Log Analytics
• Windows Defender Security
• McAfee ePO, HIPS
• FireEye NX, EX/ETP, HX, AX
• Cloud App Security, CloudWatch, CloudTrail, Athena, SecurityHub, GuardDuty

Desired Qualifications

• Programming and/or scripting language experience; ideally PowerShell
• Search query language experience & content creation; ideally Kusto
• Project management experience to help build tiger teams for special projects
• MS Office, Visio, PowerBI proficiency