SOC Analyst
Washington, DC, United States
ECS is seeking a SOC Analyst to work in our Washington, DC office.
Job Description:
Perform hunting for malicious activity across the network and digital assets
Respond to computer security incidents and conduct threat analysis
Identify and act on malicious or anomalous activity
Mentor and lead SOC Tier 1 Analysts in cybersecurity techniques and processes
Manage six directly reporting Tier 1 Analysts, and act as deputy manager to an additional six Tier 1 analysts reporting to a sub-contractor.
Conduct analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
Perform detailed investigation and response activities for potential security incidents
Provide accurate and priority-driven analysis of cyber activity and threats
Perform payload analysis of packets
Recommend implementation of countermeasures or mitigating controls
Ensure all pertinent information is obtained so that identification, containment, eradication, and recovery actions can occur in a time-sensitive environment
Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activity
Create and continuously improve standard operating procedures used by the SOC
Resolve or coordinate the resolution of cyber security events
Monitor incoming event queues for potential security incidents
Create, manage, and dispatch incident tickets
Monitor external event sources for security intelligence and actionable incidents
Maintain incident logs with relevant activity
Analyze the performance of the team through metrics and reporting
Participate in root cause analysis or lessons learned sessions
Participate in on-call rotation
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
Salary Range: $60,000 - $70,000
Required Skills:
Bachelor's degree in Computer Science or a related field, or equivalent work experience
Experience hunting for malicious activity across the network and digital assets
Experience responding to computer security events and incidents and conducting threat analysis
2 years of Information Technology experience, with at least 2 years of experience in information security working within security operations and 2 years' experience monitoring threats via a SIEM console
Detailed understanding of NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide
Exceptional working knowledge of TCP/IP Networking and the OSI model
In-depth knowledge of intelligence-driven defense using the Cyber Kill Chain (CKC)
Significant experience analyzing log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, and intrusion prevention logs
Significant experience with packet analysis (Wireshark) and malware analysis
Strong working knowledge of Splunk preferred
Strong customer service skills and decision-making skills
Strong working knowledge of Windows and Linux command-line tools, networking protocols, systems administration and security technologies
Strong working knowledge of HTTP (Hypertext Transfer Protocol) response status codes
Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies
Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
Desired Skills:
Minimum of 2 years' experience in SOC/CIRT with 2-3 years of specific experience as a Lead Analyst preferred
Experience with Splunk and Microsoft Defender for Endpoint preferred
Previous SOC/CIRT experience at a federal agency similar in size, scope, and complexity
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3,800 employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.