SOC Analyst
Ref No.: 18-04219
Location: Herndon, Virginia
Position Type: Right to Hire
Start Date: 03/20/2018

My direct client in Herndon, a global leader in cyber security, is hiring a Tier 4 SOC Analyst!

Job Title: SOC Analyst Tier 4
Location: Herndon, VA
Duration: 6 Month Contract to Hire
Start Date: ASAP

My top-tier client is currently seeking candidates for an experienced SOC Analyst. This is an exciting opportunity to be part of a key team of cyber security professionals supporting full life cycle cyber security operations. We are seeking an individual that can bring in-depth security analysis and handling expertise to support daily operations and help grow and mature our current SOC environment. As a SOC Analyst you will directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response. Additionally, the SOC Analyst will help develop and enhance detection and response capabilities including creation of robust SIEM content, IDS rules, SOP documentation, and implementation of incident response methodologies.

Responsibilities:
• Collect data and context necessary to analyze and triage alerts.
• Create tickets to document investigations.
• Determine criticality of incident.
• Act as an escalation point for junior analysts.
• Perform in-depth analysis and end-to-end investigations, from detection to remediation.
• Conduct incident response activities such as host triage, malware analysis, remote system analysis, end-user interviews, remediation efforts, and compile detailed investigation reports.
• Act as scribe during critical incidents.
• Operate as Incident Handler during critical incidents.
• Develop new and provide feedback on existing SIEM use cases.
• Evaluate existing technical capabilities and systems to identify opportunities for improvement.
• Maintain Standard Operating Procedures.
• Develop security training programs to advance analyst skills and knowledge.
• Perform threat hunting activity independent of standard event alert channels.
• Collaborate with cross-functional business units to advance security operations goals.

Qualifications:
• Minimum 6 years of comparable experience.
• Experience and background in cyber security operations and incident response.
• Experience working in fast-paced environments with the ability to manage workload during times of stress or escalated activity.
• Comfortable with impromptu tasking and loosely defined requirements.
• Excellent interpersonal, organizational, communication, and writing skills.
• Detail oriented with excellent analytical and investigative skills.
• In-depth technical knowledge in at least two of the following: Windows disk and memory forensics, Unix or Linux disk and memory forensics, network traffic analysis, static and dynamic malware analysis.
• Solid understanding of IT operations, such as help desk, end-point management, and server management.
• Strong understanding of security operations concepts, such as perimeter defense, BYOD management, data loss protection, insider threat, adversary lifecycle analysis, risk assessment, and security metrics.
• Clear understanding of adversary motivations, such as cybercrime, hacktivism, cyber espionage.
• Good understanding of basic cyber-intelligence techniques.
• Understanding of basic computer science concepts, such as algorithms, data structures, databases, operating systems, networks, and tool development.
• Proficient with Splunk.


If qualified and interested please send a current copy of your resume to Mark at Mark.Kindy@mondo.com!