SOC Security Analyst
POST DATE 8/20/2020
END DATE 9/19/2020
Colorado Springs, CO
Job Description Summary
This exciting position fills a critical role within our Security Operations Center (SOC). Work with a team of dedicated professionals on an operations floor designed by security professionals, for security professionals. Providing mission assurance through network defense, our team protects an enterprise network across the globe. The Security Operations group works hand in hand as a trusted partner with our Information Technology Department, Project teams, and our Business Development groups. The work location for this position is in Colorado Springs, CO.
The DETECT team member is a security analyst with knowledge and experience in networking, security event monitoring and intrusion detection. The primary function of the DETECT team is to identify and investigate anomalous host and network activity through continuous monitoring. This job function includes the triage/categorization of potential Events and Incidents, initial evidence collection, case creation, and coordination/hand-off to other teams as necessary. Additional responsibilities include configuration of various security systems to aid in the discovery of Indicators of Compromise (IOCs), use of threat intel and hunting without IOCs, and contributing to SOC documentation such as standard operating procedures, playbooks, briefings and executive reports. Must be extremely motivated with an investigative mindset and an absolute passion for catching and stopping malicious threat actors. The ideal candidate is a self-starter with strong understanding of network security tools, attack methodologies, operating systems, general networking, and enterprise security environments. While the focus of this position is the corporate network, DETECT may occasionally contribute to the security of classified environments.
* A Bachelor's Degree in computer engineering, computer science, or another closely-related IT discipline.
* At least 5 years' direct experience performing hands-on network monitoring and intrusion detection in an enterprise environment, preferably in a Security Operations Center or Computer Emergency Response Team (CERT)
* Familiarity with CJCSM 6510.01B and related workforce structure (PROTECT, DETECT, RESPOND, and SUSTAIN)
* Familiarity with organization and operations of a SOC environment
The following certification is required:
* CompTIA Security+
One of the following certifications is desired:
* CEH: Certified Ethical Hacker
* GIAC: Certified Intrusion Analyst
* CISSP: Certified Information Systems Security Professional.
* Good interpersonal, organizational, writing, communications and briefing skills.
* Strong analytical and problem-solving skills.
* In-depth knowledge of TCP/IP networking and network protocols.
* Real-time network monitoring using Security Information and Event Management (SIEM)
* Experience with raw packet analysis (PCAP)
* Experience using a broad variety of network defense/monitoring tools in the context of an analyst
* Experience investigating security alerts, logs and raw data to determine if an event is a false positive or legitimate security concern
* Experience consolidating and conducting comprehensive analysis of threat data obtained from proprietary and open source resources to provide indication and warnings of impending attacks against networks
* Experience creating reports from large amounts of data
* Experience with event escalation
* Knowledge of computer intrusion methodology and intrusion analysis/investigation methodology
* Ability to interface with and describe security concerns to users, customers, and senior leadership
* Ability to coordinate and collaborate with external organizations including IT teams, partner security teams and Law Enforcement
* US citizenship required
* Able to obtain government security clearance