Level 1 Security Operations Center (SOC) Analyst

Job Summary:

A level 1 Security Analyst executes procedures as a matter of daily responsibility. The role of a Security Operations Center (SOC) Analyst is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures.

Responsibilities:

  • Monitoring the SOC situational awareness and automation systems for security events and closing or escalating those events as necessary
  • Identifying, categorizing, prioritizing, and investigating events rapidly, utilizing triage and response capabilities that include logs from:
    • Firewalls and network devices
    • Infrastructure servers and end-user systems
    • Threat intelligence platforms
    • Application logs and web-application firewalls
    • Identity and access management systems
    • Cloud and hybrid-IT provisioning, access, and infrastructure systems
    • Antivirus systems
    • Intrusion prevention systems
  • Monitoring incoming event queues for potential security incidents
  • Performing initial investigation and triage of potential incidents, and escalating or closing events, as applicable
  • Monitoring SOC ticket and email queue for potential event reporting from outside entities and individual users
  • Maintaining SOC shift logs with relevant activity from the shift
  • Documenting investigation results, ensuring relevant details are passed to the level 2 analyst for final event analysis
  • Conducting security research and intelligence gathering on emerging threats and exploits
  • Performing additional auxiliary responsibilities, as assigned by SOC Manager

Requirements: (Clearance/Citizenship)

  • Must be a US citizen and able to obtain a Public Trust designation
  • Demonstrated excellent written and oral communication skills
  • 1+ years’ experience as a Security/Network Administrator or equivalent knowledge
  • Familiarity with Linux, Windows, and forensic evidence concepts
  • Familiarity with static and dynamic malware analysis desired
  • Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems)
  • Knowledge of TCP/IP protocols, network analysis, and network/security applications
  • Knowledge of common Internet protocols and applications
  • Proficient computer skills, including Microsoft Office
  • Effective oral and written communication skills
  • Active listening skills
  • Ability to assess and evaluate situations effectively
  • Ability to identify critical issues quickly and accurately
  • CompTIA Security+, GIAC Security Essentials Certification (GSEC), or GIAC Certified Incident Handler (GCIH) highly desired

Experience:

  • Familiarity with audit support and response, and regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
  • Highly self-motivated and strong attention to detail
  • Ability to effectively prioritize and execute tasks in a complex environment
  • Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc.

Education:

  • Bachelor’s degree in a related field.*

*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree
