Security Operations Center (Soc) Analyst, Senior

Details of the offer

Job Title:
Security Operations Center (SOC) Analyst, Senior

Overview:
EverWatch is a government solutions company providing advanced defense, intelligence, and deployed support to our countrys most critical missions.
We are a full-service government solutions company.
Harnessing the most advanced technology and solutions, we strengthen defenses and control environments to preserve continuity and ensure mission success. EverWatch is an Equal Opportunity/Affirmative Action Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age (40 or older), disability, genetic information, citizenship or immigration status, and veteran status or any other factor prohibited by applicable law. EverWatch employees are focused on tackling the most difficult challenges of the US Government.
We offer the best salaries and benefits packages in our industry - to identify and retain the top talent in support of our critical mission objectives.



Responsibilities:
We are looking for an experienced Security Operations Center (SOC) Tier II Analyst to improve monitoring strategies and analyze threats to safeguard infrastructure supporting global missions focused on seeking out and eliminating cyberspace threats to defend the United States and its Allies.
You will guide the team on best practices and security measures.
You'll configure defense tools, create reports, and dashboards and build custom queries.
You will make recommendations to leadership on best practices to harden infrastructure and improve alerting.
You'll lead incident response and remedy potential incidents escalated from Tier 1 SOC Analysts.
You'll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact.
You will guide efforts to assess how many systems are affected and assist recovery efforts.
You'll combine threat intelligence, event data, and assessments from recent events to identify patterns and provide mitigation techniques and strategies.
Finally, you will apply knowledge of attacker techniques to uncover threats by analyzing log data, and building and tuning detections.



Qualifications:
Qualifications: 6+ years of experience in modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident responseExperience with writing detections within SIEM solutions, including Splunk, ArcSight, ElasticSearch, or Azure SentinelExperience with Intrusion Detection System or Intrusion Prevention System (IDS/IPS) monitoringKnowledge of the basic functions and configurations of Bro or ZeekKnowledge of OS internals, including Windows, Linux, or MacKnowledge of common security threats and vulnerabilitiesAbility to perform Nessus scans and review results, firewall configurations, and Linux hosts for indicators of compromise and hardening of Linux systemsTS/SCI clearance with a polygraphBachelor's degreeIAT Level II Certifications Nice If You Have: Experience in creating and debugging Splunk Dashboards and creating Snort rules Experience with security subjects and trends, including digital forensics, reverse engineering, and penetration testingExperience with security principles in virtual and hosting software, including MISP, HIVE, CORTEX, WikiJS, VPN, and SecurityOnionExperience with leading teams in a technical capacityExperience with leveraging common scripting languages, including PowerShell or Python to parse logs and automate repeatable tasksAbility to use Splunk to hunt for indicators of compromise, create Splunk Dashboards, and review logsAbility to code or script using any languageAbility to partner and collaborate with teams, both internal and external, including developers, vendors, analysts, tech leads, and project managersDOD 8570 CSSP Analyst Certification GCIA, GSLC, GCIH, CISM, CISSP, or- CEH Certifications

Clearance Level:
TS/SCI polygraph

Job Locations:
US-MD-Annapolis Junction

Skills:
SIEM, Intrusion Detection


Nominal Salary: To be agreed

Source: Appcast_Ppc

Requirements

Information Security Technician

ABOUT At any given moment, hundreds of complex networked computer systems are operating in tandem to keep ships and submarines operating at their best. The s...


From U.S. Navy - Maryland

Published 7 days ago

Python Private Tutoring Jobs

We are looking for students, professionals, retirees or anyone with a passion to share, to join the largest community of teachers worldwide! If you have free...


From Superprof - Maryland

Published 7 days ago

Full-Stack Engineer At Early-Stage Consumer Social App

Cheez (https://cheez.cc/wayupeng) is a new app that sends you the pictures that your friends take of you, powered by facial recognition. Responsibilities: ...


From Cheez - Maryland

Published 7 days ago

Intelligence And Information Security - Officer Careers - Nj, Pa, De, Md

These careers bring the expertise in all facets of Information Operations, making sure our fleet is capitalizing on the information vulnerabilities of our ad...


From U.S. Navy - Maryland

Published 7 days ago

Built at: 2024-11-07T07:42:56.579Z