Posted today

Job Requirements

CA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified

Job Description

Now Hiring at AMERICAN SYSTEMS

Epsilon, Inc. has joined AMERICAN SYSTEMS! As one organization, we offer expanded resources, streamlined operations, and increased opportunities for growth and development.

Join us to be part of a dynamic, collaborative environment dedicated to innovation and customer success.

Responsibilities

An Average Day:
As the SOC Analyst II, you will provide Tier II cybersecurity support in a Security Operations Center (SOC) environment. Daily responsibilities of the SOC are ever changing; however, you can expect to regularly conduct vulnerability assessments, analyze cyber threats, monitor the email gateway, and create reports on all confirmed or suspicious activities. You will work closely with Tier I and other Tier II personnel to provide effective and efficient service to our customers, and assist with training SOC Analyst I team members when needed. Additionally, in this position you will:
  • Use intrusion detection technologies to apply techniques for identifying host and network-based intrusions.
  • Create, update, and resolve incident tickets that have been tasked to Tier II and appropriately document all alerts and incidents in the ticketing system.
  • Review asset discovery and vulnerability assessment data.
  • Lead incidents from alert to resolution:
    • Leverage emerging threat intelligence (Indicators of Compromise, updated rules, etc.) to identify affected systems and the scope of the attack.
    • Review and collect asset data (logs, configurations, running processes) on these systems for further investigation.
    • Determine and direct remediation and recovery efforts including tasking of IHT1 as needed.
    • Determine and request engineering, forensics, or threat intelligence support.
    • Inform and brief status of incidents to CSOC manager, CISO, DCIO, or CIO.
  • May manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats / vulnerabilities.
  • Interface and take guidance from the CSOC manager (government position).
  • Review trouble tickets generated by Tier 1.
  • Review threat intel and create notifications and share with specified personnel.
  • Handle other tasks that tier II level of experience and talent can complete.
  • Design incident response for cloud service models.
  • Perform damage assessments.
  • Preserve evidence integrity according to standard operating procedures or national standards.
  • Protect networks against (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • Recognize and categorize types of vulnerabilities and associated attacks.
  • Secure network communications.
  • Use security event correlation tools.
  • Identify, capture, contain, and report malware.
  • Utilize the SOC standard operating procedures (SOP) to perform daily tasks, resolve incidents and preserve evidence integrity. May provide input for and assist with updating procedures.


Qualifications

  • As a requirement of this position, all candidates must be a U.S. Citizen in accordance with 8 U.S.C. 1324b(a)(2)(C).
  • Must hold an active DOD Top Secret Clearance.
  • At least three (3) years of professional experience in incident detection and response, malware analysis, or cyber forensics and a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
  • Hold at least one certification as required by Dept. of Defense (DoD) 8570.01-M and DoD Directive 8140.01, IAT Level II or higher.
  • Must hold at least one of the following additional certifications: CompTIA CASP+, GIAC GCIH, Microsoft AZ-500, Microsoft SC-200, Splunk Core Certified Advanced Power User.
  • Must have extensive experience working with various security methodologies, standard operating procedures, processes, and workflows; experience configuring and implementing various technical security solutions; and extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
  • Experience with some or all of the following is required:
    • Computer networking concepts, the OSI model, network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services, and network security.
    • Host/network access control mechanisms (e.g., access control list, capabilities lists).
    • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
    • Network traffic analysis methods and packet-level
    • Cyber threats and vulnerabilities; cyber-attack stages, classes of attacks and attackers; cyber defense and information security policies, procedures, and
    • Incident response and handling methodologies, incident categories, and timelines for
    • Intrusion detection methodologies and techniques for detecting host and network-based intrusions.
    • Malware analysis concepts and
    • Cloud service models and how those models can limit incident
    • Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
    • System administration, network, and operating system hardening techniques as well as data backup and
    • System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Experience with the following: JIRA (Atlassian issue tracking system), Palo Alto Firewall, SNORT IDS, AlienVault SIEM, Barracuda Mail Spam / Virus Firewall, and HBSS.
  • This team operates in a 24/7 shift environment. 1st, 2nd and 3rd shifts run Monday - Thursday or Friday - Monday, are 10 hours per day, and rotate every 3 months.


Pay Transparency Statement

AMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $35.60/Hr. - USD $51.83/Hr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.

EEO Statement

EEO Race/Sex/Disability Status/Veteran Status

Job Category
Security
Clearance Level
Secret