Security Operations Center Analyst

ShorePoint, Inc
Arlington, VA
Aug 18, 2019
Aug 21, 2019
Full Time
ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking Security Operations Center (SOC) Analysts to work in a 24x7x365 SOC. This team will provide initial levels of incident identification, analysis, and triage. It will also provide baseline health reporting on the core SOC toolset, including the availability of security log and data sources and the integration of threat intelligence feeds. Proactive threat hunting will be a regular duty of the team. The team will mitigate incidents directly where possible, escalating incidents as needed to the Incident Response and Management Team. This is a unique opportunity to shape the growth, development, and culture of an exciting and emerging company in the cybersecurity market. We are seeking candidates to fill all shifts to support 24x7x365 operations.

Roles and Responsibilities
- Perform Computer Security Incident Response activities for a large global enterprise; coordinate with other enterprise IT teams to record and report incidents
- Work incidents from initial assignment to final resolution
- Perform Root Cause Analysis (RCA) and make preventative recommendations
- Conduct forensics and investigations as needed using security tools such as Proofpoint, SIEM, EnCase, etc.
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through review and analysis of security tool output
- Investigate, interpret, and respond to complex security incidents
- Attend and participate in Change Control Board / Change Approval Board (CCB/CAB) meetings as needed
- Author SOPs as needed or directed
- Fully document assigned tickets to show all work performed in order to meet service level requirements (SLRs)
- Create, track, and work to resolution Normal and Standard job-related Change Requests

Required Skills
- Demonstrated capability to effectively monitor and investigate security incidents and to make recommendations that improve the security posture of a large organization
- Strong foundation in network and security skills; fundamental knowledge of Windows, Linux, and Cisco operating systems, networking protocols, and network traffic analysis
- Experience implementing or working with Security Information and Event Management (SIEM) products such as QRadar and Splunk in a complex network environment, and assisting security analysts in building operational processes around the SIEM ecosystem
- Experience with IT security tools; working technical knowledge of network, server, storage, and desktop hardware and software
- Demonstrated ability to work with matrixed resources in a team environment
- Excellent written and verbal communication skills

Education Requirement
BS/BA in Computer Science, Information Systems, Engineering, Business, Physical Science, or another technology-related discipline, or 1+ years of relevant experience, is preferred.

Years of Experience Requirement
1-5 years desired but not required, depending on demonstrated capability to perform the required tasks.

Certification Requirement
Desired certifications include Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA).

Location
Crystal City, with transition to the Herndon/Reston area.

Security Clearance
US citizenship with the ability to obtain a Secret clearance.