Top Secret
IT - Security
Huntsville, AL (On-Site/Office)
ManTech seeks a SOC Analyst to support a 24x7x365 SOC. This position is located on the customer site in Huntsville, AL. There are three (3) shifts available: Morning, Afternoon/Evening and Night, with rotation to support weekends/holidays.
Your duties include analyzing relevant cyber security event data and other data sources for attack indicators and potential security breaches; producing reports; assisting in coordination during incidents; and coordinating with the engineering team to ensure all security monitoring systems are on-line, up to date, and fully operational.
Responsibilities for this position include but are not limited to:
- Monitoring intrusion detection and prevention systems and other security event data sources daily.
- Determining whether monitored security events should be escalated to incidents, and following all applicable incident response and reporting processes and procedures.
- Correlating data from SIEM / Splunk and Endpoint Detection and Response (EDR) systems with data from other sources such as firewall, web server, and Syslogs.
- Tuning and filtering of events and information, creating custom views and content with the assistance of the Engineering and DevOps team.
- Conducting hunting, monitoring, analyzing, and responding to threats; contributing to Computer Network Defense; and creating solutions to augment Defensive Cyber Operations.
- Coordinating with the DevOps and engineering team to ensure production SOC systems are operational and maintained.
- Reviewing data with the Cyber Threat Intelligence Team, Incident Response Team and other appropriate groups to determine the risk and threat of an event.
- Documenting procedures for handling each security event detected.
- Creating custom queries and developing new use cases to better correlate security event information.
- Identifying misuse, malware, or unauthorized activity on monitored networks and infrastructure.
- Maintaining proficiency and skills through relevant training, on-the-job training, and self-study.
- Developing and/or maintaining CSIRT Standard Operating Procedures (SOPs) and/or Playbooks, which define repeatable processes for activities such as analysis, reporting, and incident response.
Minimum Qualifications:
- 5+ years of IT experience with 2+ years as a SOC analyst or other cyber related position.
- Experience with using Splunk SIEM.
- Experience with incident detection and response, security analysis and support for incident response and post incident analysis.
Preferred Qualifications:
- Bachelor's degree in computer science or related field.
- 1+ year of experience monitoring cloud environments.
- Experience using Microsoft Sentinel.
Prefer 1 or more of the following certifications:
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Cloud Forensics Responder (GCFR)
- GIAC Cloud Threat Detection (GCTD)
Clearance Requirement:
- Must have an Active Top Secret with the ability to obtain SCI eligibility prior to starting this position.
Physical Requirements:
- Must be able to remain in a stationary position 50% of the time.
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
- The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.