Job Requirements
Washington, DC
Secret Polygraph Unspecified
Career Level not specified
$100,000 - $130,000
Job Description
Senior SOC Analyst - Back-Half Night Shift
Washington, DC - Onsite
ACTIVE TOP-SECRET CLEARANCE
$100K-$130K
We are seeking SOC Analyst for multiple opportunities that are 100% onsite in Washington, DC. ALL APPLICANTS MUST HAVE AN ACTIVE TOP-SECRET CLEARANCE. NO EXCEPTIONS!!!!
Must be willing to work the following 12-hour shift, including Holidays:
7 pm-7 am Thursday-Saturday and every other Wednesday
You will be required to take an in-person hands-on keyboard interview assessment to be considered.
There is a mandatory 90-day probationary period of performance.
Must have at least 5-8 years of experience.
MUST be proficient in the following areas:
• Must be currently supporting 24x7x365 SOC or Cyber Watch operations for a Federal Government agency.
• Must have the ability to assess complex environments, establish situational awareness, and immediately contribute to mission success.
• Must be a self-starter with the ability to quickly assume responsibilities and make an immediate positive impact on team objectives.
• Must be able to work with minimal to no supervision.
• Must be able to learn new technologies and techniques provided by the SOC Chief as well as "On your own".
• Must be able to read, write, and comprehend at the advanced level.
• Must be able to read, comprehend, and apply standard operating procedures, playbooks, and directives provided by the SOC Chief.
• Must have applied knowledge of the full Triage & incident response process to determine if an event is a true positive or false positive.
• Must be able to hypothesize during an event to determine an outcome.
• Must have intermediate-advanced understanding of various cyber-attacks (new and old) across various platforms and environments including Active Directory, Windows, Linux. Cloud is a plus.
• Must know how to perform and create intermediate-advanced custom Splunk searches in Splunk Enterprise Security to obtain various information for various cyber investigations as needed and/or requested by senior leadership.
• Must know how to perform intermediate-advanced threat hunting in Splunk for various cyber-attacks including, but not limited to: Active Directory Attacks, User Behavior Analysis, Privileged User activity, Advanced Persistent Threat (APT) activity, and other ad hoc searches as needed and/or requested
• Must be able to perform intermediate-advanced level root-cause analysis using various native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds, EnCase, AWS Guard Duty, AWS Security Hub)
• Must be able to perform intermediate-advanced level host-based log and registry analysis.
• Must be able to perform intermediate-advanced level log correlation to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds, EnCase, AWS Guard Duty, AWS Security Hub)
• Must have intermediate-advanced understanding and applied knowledge of networking fundamentals to include, but not limited to most common ports and protocols, what they are, and how they work)
• Must have an intermediate-advanced understanding and applied knowledge of command line tools to obtain information needed for triage analysis including, but not limited to windows command line, Linux command line, PowerShell, etc.
• Must be able to assist junior level analysts with various investigations as needed.
• Prior Help desk and system administrators with ticket handling, Active Directory, and command line scripting experience preferred and are encouraged to apply.
Education Requirements
A bachelors or higher degree is highly preferred and a DOD IAT III certification
Clearance Requirements
Active Top-Secret with SCI/Q eligibility
Washington, DC - Onsite
ACTIVE TOP-SECRET CLEARANCE
$100K-$130K
We are seeking SOC Analyst for multiple opportunities that are 100% onsite in Washington, DC. ALL APPLICANTS MUST HAVE AN ACTIVE TOP-SECRET CLEARANCE. NO EXCEPTIONS!!!!
Must be willing to work the following 12-hour shift, including Holidays:
7 pm-7 am Thursday-Saturday and every other Wednesday
You will be required to take an in-person hands-on keyboard interview assessment to be considered.
There is a mandatory 90-day probationary period of performance.
Must have at least 5-8 years of experience.
MUST be proficient in the following areas:
• Must be currently supporting 24x7x365 SOC or Cyber Watch operations for a Federal Government agency.
• Must have the ability to assess complex environments, establish situational awareness, and immediately contribute to mission success.
• Must be a self-starter with the ability to quickly assume responsibilities and make an immediate positive impact on team objectives.
• Must be able to work with minimal to no supervision.
• Must be able to learn new technologies and techniques provided by the SOC Chief as well as "On your own".
• Must be able to read, write, and comprehend at the advanced level.
• Must be able to read, comprehend, and apply standard operating procedures, playbooks, and directives provided by the SOC Chief.
• Must have applied knowledge of the full Triage & incident response process to determine if an event is a true positive or false positive.
• Must be able to hypothesize during an event to determine an outcome.
• Must have intermediate-advanced understanding of various cyber-attacks (new and old) across various platforms and environments including Active Directory, Windows, Linux. Cloud is a plus.
• Must know how to perform and create intermediate-advanced custom Splunk searches in Splunk Enterprise Security to obtain various information for various cyber investigations as needed and/or requested by senior leadership.
• Must know how to perform intermediate-advanced threat hunting in Splunk for various cyber-attacks including, but not limited to: Active Directory Attacks, User Behavior Analysis, Privileged User activity, Advanced Persistent Threat (APT) activity, and other ad hoc searches as needed and/or requested
• Must be able to perform intermediate-advanced level root-cause analysis using various native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds, EnCase, AWS Guard Duty, AWS Security Hub)
• Must be able to perform intermediate-advanced level host-based log and registry analysis.
• Must be able to perform intermediate-advanced level log correlation to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds, EnCase, AWS Guard Duty, AWS Security Hub)
• Must have intermediate-advanced understanding and applied knowledge of networking fundamentals to include, but not limited to most common ports and protocols, what they are, and how they work)
• Must have an intermediate-advanced understanding and applied knowledge of command line tools to obtain information needed for triage analysis including, but not limited to windows command line, Linux command line, PowerShell, etc.
• Must be able to assist junior level analysts with various investigations as needed.
• Prior Help desk and system administrators with ticket handling, Active Directory, and command line scripting experience preferred and are encouraged to apply.
Education Requirements
A bachelors or higher degree is highly preferred and a DOD IAT III certification
Clearance Requirements
Active Top-Secret with SCI/Q eligibility
group id: 10290999