Security Operations Center Analyst II (Government)

Hillsboro, VA
Dec 07, 2021
Dec 09, 2021
Full Time
As the largest communications company in the world, more than 120 million customers count on us every day to deliver the wireless, Internet, data and advertising services that fuel their businesses and connect them to their world. You will find yourself connecting communications and technology with opportunities that will take you to places you never imagined.

What does it take to join us? We demand exceptional skills in your discipline and a real dedication to being the best. After all, we're asked to keep AT&T profitable and on the cutting edge, and at the same time, build on more than a century of innovation and success. We are a world leader in communications and entertainment, and we plan to keep on growing.

This SOC Tier 2 position is in support of multiple global public sector customers in the Northern Virginia area. The candidate for this position will demonstrate senior-level expertise in cybersecurity incident detection and response leveraging SIEM technologies. The candidate, as part of our 24/7 SOC, will monitor the SIEM platform, investigate alerts and initiate incident response processes. Skills and familiarity with Splunk or equivalent solutions are a plus. This position also requires strong problem-solving and communication skills, as well as the ability to work alone and as a member of the SOC team.

This position provides support to the AT&T Cybersecurity's CNOSC (Consolidated Network Operations & Security Center) in providing critical security monitoring services to our customers. Activities that this position performs include security monitoring, incident response, IDS and SIEM tuning, and working closely with other analysts to solve technical problems in complex environments.

Job Duties/Responsibilities:
- Monitor, analyze and report on cyber threats identified through leveraging Security Information and Event Management (SIEM), a variety of security tools, and proactive threat hunting.
- Investigate intrusion attempts and perform in-depth analysis of exploits.
- Develop and follow detailed operational processes and procedures to appropriately analyze, escalate and assist in the remediation of information security-related incidents.
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
- Communicate technical investigation details with customers and other members of the team.

Required Clearance: DoD Secret (Clearable to TS SCI)

Required Qualifications:
- 1+ years of experience in a SOC environment
- Strong work ethic and commitment to accomplish assigned tasks
- Strong knowledge of the incident response lifecycle and analysis techniques
- Excellent verbal and written communication skills
- Willingness to work onsite in Northern Virginia

Desired Qualifications:
- Experience with Splunk and Splunk Enterprise Security
- Experience with host and network based log correlation
- Experience with cloud security
- Experience tuning security alerting in SIEM, IDS, and other security technologies
- Possess a DoDD 8140/8570 compliant certification

Ready to join our team? Apply today!