Washington, DISTRICT OF COLUMBIA
A level 1 Security Analyst executes procedures as a matter of daily responsibility. The role of a Security Operations Center (SOC) Analyst is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures.
- Monitoring the SOC situational awareness and automation systems for security events and closing or escalating those events as necessary
- Identifying, categorizing, prioritizing, and investigating events rapidly, utilizing triage and response capabilities that include logs from:
  - Firewalls and network devices
  - Infrastructure servers and end-user systems
  - Threat intelligence platforms
  - Application logs and web-application firewalls
  - Identity and access management systems
  - Cloud and hybrid-IT provisioning, access, and infrastructure systems
  - Antivirus systems
  - Intrusion prevention systems
- Monitoring incoming event queues for potential security incidents
- Performing initial investigation and triage of potential incidents, and escalating or closing events, as applicable
- Monitoring SOC ticket and email queue for potential event reporting from outside entities and individual users
- Maintaining SOC shift logs with relevant activity from the shift
- Documenting investigation results, ensuring relevant details are passed to level 2 analyst for final event analysis
- Conducting security research and intelligence gathering on emerging threats and exploits
- Performing additional auxiliary responsibilities, as assigned by SOC Manager
- Must be US Citizen and able to obtain position of Public Trust designation
- Demonstrated excellent written and oral communication skills
- 1+ years’ experience as a Security/Network Administrator or equivalent knowledge.
- Familiarity with Linux, Windows and forensic evidence concepts
- Familiarity with static and dynamic malware analysis desired
- Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
- Knowledge of common Internet protocols and applications.
- Proficient computer skills including Microsoft Office
- Effective oral and written communication skills
- Active listening skills
- Ability to assess and evaluate situations effectively
- Ability to identify critical issues quickly and accurately
- CompTIA Security+, GIAC Security Essentials Certification, or GIAC Certified Incident Handler highly desired
- Familiarity with audit support and response, and regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
- Highly self-motivated and strong attention to detail
- Ability to effectively prioritize and execute tasks in a complex environment
- Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc.
- Bachelor’s degree in a related field.*
*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.