- 6+ years of experience in modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
- Experience with writing detections within SIEM solutions, including Splunk, ArcSight, ElasticSearch, or Azure Sentinel
- Experience with Intrusion Detection System or Intrusion Prevention System (IDS/IPS) monitoring
- Knowledge of the basic functions and configurations of Bro or Zeek
- Knowledge of OS internals, including Windows, Linux, or Mac
- Knowledge of common security threats and vulnerabilities
- Ability to perform Nessus scans and review results, firewall configurations, and Linux hosts for indicators of compromise and hardening of Linux systems
- TS/SCI clearance with a polygraph
- Bachelor's degree
- IAT Level II Certifications
- Experience in creating and debugging Splunk Dashboards and creating Snort rules
- Experience with security subjects and trends, including digital forensics, reverse engineering, and penetration testing
- Experience with security principles in virtual and hosting software, including MISP, HIVE, CORTEX, WikiJS, VPN, and SecurityOnion
- Experience with leading teams in a technical capacity
- Experience with leveraging common scripting languages, including PowerShell or Python to parse logs and automate repeatable tasks
- Ability to use Splunk to hunt for indicators of compromise, create Splunk Dashboards, and review logs
- Ability to code or script using any language
- Ability to partner and collaborate with teams, both internal and external, including developers, vendors, analysts, tech leads, and project managers
- DOD 8570 CSSP Analyst Certification
- GCIA, GSLC, GCIH, CISM, CISSP, or CEH Certifications
Security Operations Center - Annapolis Junction, United States - EverWatch
Description
Job Title:
Security Operations Center (SOC) Analyst, Senior
Overview:
EverWatch is a government solutions company providing advanced defense, intelligence, and deployed support to our country's most critical missions. We are a full-service government solutions company. Harnessing the most advanced technology and solutions, we strengthen defenses and control environments to preserve continuity and ensure mission success.
EverWatch is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age (40 or older), disability, genetic information, citizenship or immigration status, and veteran status or any other factor prohibited by applicable law.
EverWatch employees are focused on tackling the most difficult challenges of the US Government. We offer the best salaries and benefits packages in our industry - to identify and retain the top talent in support of our critical mission objectives.
Responsibilities:
We are looking for an experienced Security Operations Center (SOC) Tier II Analyst to improve monitoring strategies and analyze threats to safeguard infrastructure supporting global missions focused on seeking out and eliminating cyberspace threats to defend the United States and its Allies. You will guide the team on best practices and security measures. You'll configure defense tools, create reports and dashboards, and build custom queries. You will make recommendations to leadership on best practices to harden infrastructure and improve alerting. You'll lead incident response and remedy potential incidents escalated from Tier 1 SOC Analysts. You'll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You will guide efforts to assess how many systems are affected and assist recovery efforts. You'll combine threat intelligence, event data, and assessments from recent events to identify patterns and provide mitigation techniques and strategies. Finally, you will apply knowledge of attacker techniques to uncover threats by analyzing log data and by building and tuning detections.
Qualifications:
Nice If You Have:
TS/SCI polygraph
Job Locations:
US-MD-Annapolis Junction
Skills:
SIEM, Intrusion Detection