SOC Analyst Lead with Security Clearance - Washington, DC, United States - Dunhill Professional Search

    Technology / Internet
    Description

    Job Description:

    • Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) on the network and on hosts.
    • Find evidence of attack and of the attackers' subsequent actions.
    • Work with the team to produce effective countermeasures against the evidence found, and contribute to mitigations against future attacks of a similar nature.


    • Follow Security Operations Center (SOC) policies and procedures for incident reporting and management; create a detailed Incident Report (IR) and contribute to lessons learned.


    • Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.
    • Work with the SOC team to help contain intrusions.
    • Generate documentation as required by the Client.
    • Thorough understanding of network protocol behaviors; ability to understand NetFlow and PCAP.


    • Thorough knowledge of open-source tools to visualize PCAP data (Wireshark, tcpdump, etc.)

    Skills


    • Network Switches
    • Network Architecture and Design
    • Threat Modeling
    • Malware Engineering