Cyber SOC Analyst Level II or Level III Days

Catapult Consultants
Fairfax, VA
Feb 16, 2021
Feb 24, 2021
Full Time
Catapult Consultants is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. An analyst with Security Operations Center (SOC), Cyber Security Operations Center (CSOC), and Cyber Incident Response Team (CIRT) experience is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations. The position supports Tier 2 on the 11 AM - 7 PM shift.

Key Responsibilities:
- Participates in a team of security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible party, determine remediation, and recommend security improvements
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
- Follows strict guidance on reporting requirements
- Keeps management informed with precise, unvarnished information about security posture and events
- Promotes standards-based workflow both internally and in coordinating with US-CERT
- Engages with other internal and external parties to get and share information to improve processes and security posture
- Supervises and guides team efforts
- Communicates to CISO leadership
- Produces design documentation
- Leads analysis/investigation of reports or anomalies

Basic Qualifications:
- 6+ years of relevant work experience for a Level II
- 8+ years of relevant work experience for a Level III
- Knowledge of networking protocols and their security implications
- Knowledge of IP networking and network security, including intrusion detection
- Ensuring firewall security standards are met
- Extensive Windows, Linux, database, application, web server, etc. log analysis
- Trouble ticket generation and processing experience
- Extensive experience troubleshooting security reports on Linux, Windows, routers, firewalls, applications, etc.
- Experience scripting with PowerShell, bash/ksh/sh, Cisco, JunOS sh/csh, Perl, Tcl, Lua
- Some programming experience with C, C++, C#, Python, HTML, JavaScript, .NET
- Experience with security testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap
- Some experience with system hardening guidance and tools
- Security documentation experience (DIACAP/RMF)
- Some Splunk query-development expertise
- Experience on an Incident Response team performing Tier I/II initial incident triage
- Experience guiding junior analysts
- Experience guiding junior security operations teams in incident response
- Strong verbal/written communication and interpersonal skills to effectively communicate findings, escalate critical incidents, and interact with Sec Ops leadership
- Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting

Preferred Qualifications:
- Splunk experience, developing queries, data models, and dashboards
- Some digital analysis and forensics experience using EnCase, Palantir, i2 Analyst's Notebook, FTK or similar tools
- Excellent writing skills

Required Education: Bachelor of Science degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.

Desired Certifications: DODI 8570.1-M compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, CCNA 102627

Clearance Level: Must be eligible to obtain a sensitive Position of Public Trust clearance and may be required to obtain a higher security clearance.