Tier 1 Security Analyst

Computer World Services Corp
Purcellville, VA
Apr 06, 2021
Apr 09, 2021
Full Time
Job Description

As a Security Operations Center (SOC) Tier 1 Analyst, you will be analyzing and monitoring network traffic for a global implementation of Microsoft UC (Skype for Business).

Primary Duties and Responsibilities

- Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs
- Prioritizing and differentiating between potential intrusion attempts and false alarms
- Creating and tracking security investigations to resolution
- Opening tickets and assigning them to the correct resolver; validating and closing tickets related to false positives
- Providing Tier 1 investigation, triage, and mitigation of detected security events
- Composing security alert notifications and other communications
- Advising incident responders on the steps to take to investigate and resolve computer security incidents
- Staying up to date with current vulnerabilities, attacks, and countermeasures
- Responsible for working in a 24x7 Security Operations Center (SOC) environment
- Providing analysis and trending of security log data from many heterogeneous security devices
- Providing Incident Response (IR) support when analysis confirms an actionable incident
- Providing threat and vulnerability analysis as well as security advisory services
- Analyzing and responding to previously undisclosed software and hardware vulnerabilities
- Investigating, documenting, and reporting on information security issues and emerging trends
- Coordinating with Intel analysts on open source activities impacting SLTT governments
- Integrating and sharing information with other analysts and other teams
- This position requires the ability to work shifts on a 24x7x365 schedule
- Other duties as assigned or required

Job Requirements

Required Skills, Experience, and Certifications

- US Citizen with DoD Secret clearance or above
- Information Assurance Technical (IAT) Level II or above (CompTIA Security+), and obtain Computing Environment (CE) certifications within 180 days of hire
- 2+ years of related experience in a Security Operations Center capacity
- Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), Cyber Defense Team (CDT), or a Security Operations Center (SOC)
- Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability management and Federal/Military security protocols
- Ability to use assessment tools and other security tools found in large network environments, along with the ability to work with Security Information and Event Management (SIEM) solutions, including Splunk
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages
- Familiarity with and the ability to follow ITSM, ITIL, and Info Security Best Practices
- Candidates shall work on-site at one of the two AT NOC/SOCs located in Purcellville, VA, or San Antonio, TX
- The ability to communicate security events, potential impacts, and actions taken to higher-tier resolvers and the management team

Desired Knowledge, Skills and Abilities

- Experience with Log Event Monitoring solutions is strongly desired but not required

Security Clearance

- DoD Secret is required to start (Interim Secret is acceptable)

Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)

- Personnel may be required to travel to alternate work locations as well as customer sites.

EOE AA M/F/Vet/Disability
EEO is the Law: www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf