- Perform hunting for malicious activity across the network and digital assets.
- Respond to computer security incidents and conduct threat analysis.
- Identify and act on malicious or anomalous activity.
- Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network.
- Perform detailed investigation and response activities for potential security incidents.
- Provide accurate and priority driven analysis on cyber activity/threats.
- Perform payload analysis of network packets.
- Recommends implementation of countermeasures or mitigating controls.
- Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment.
- Collaborates with technical and threat intelligence analysts to provide indications and warnings and contributes to predictive analysis of malicious activity.
- Mentor junior staff in cybersecurity techniques and processes.
- Create and continuously improve standard operating procedures used by the SOC.
- Resolve or coordinate the resolution of cyber security events.
- Monitor incoming event queues for potential security incidents.
- Create, manage, and dispatch incident tickets.
- Monitor external event sources for security intelligence and actionable incidents.
- Maintain incident logs with relevant activity.
- Document investigation results, ensuring relevant details are passed to SOC Lead, Incident Management team and stakeholders.
- Participate in root cause analysis or lessons learned sessions.
- Must have familiarity with US-CERT Federal Incident Notification Guidelines.
- 5 years of Information Technology experience, with at least 2 years of experience in information security working within security operations.
- Splunk, Elastic, Snowflake, and Akamai WAF experience preferred.
- Working knowledge of CrowdStrike, TrendMicro and McAfee host-based solutions.
- Knowledge of log, network, and system forensic investigation techniques.
- Significant experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, or intrusion prevention/detection logs.
- Significant experience with packet analysis (Wireshark) and malware analysis preferred.
- Experience conducting intelligence driven defense utilizing the MITRE ATT&CK framework and Cyber Kill Chain (CKC.)
- Diverse knowledge base of operating systems, network protocols, system administration, and security technologies.
- Knowledge of TCP/IP Networking and the OSI model.
- Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies.
- Significant experience monitoring threats via SIEM console.
- Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems.
- Strong customer service skills and decision-making skills.
- Working knowledge of client infrastructure preferred.
- Minimum of 4 years' experience in SOC/CIRT with 2-3 years of specific experience as a Lead Analyst.
- Bachelor's degree in computer science or related field or equivalent work experience.
- Certified Information Systems Security Professional or Associate.
- Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Certified Incident Handler (GCIH).
- Experience at the Centers for Medicare and Medicaid Services (CMS) or U.S. Department of Health and Human Services (HHS).
- Previous SOC/ CIRT experience at a federal agency similar in size, scope, and complexity.
- Familiarity with Snowflake and Security Data Lake (SDL) architecture.
- Familiarity with Panther Cloud SIEM.
- EC Council Certified Ethical Hacker (CEH).
- Key Preferred Certifications: SANS GCIA/GNFA/GCIH, EC-Council CEH.
- Key Software: Splunk, Trend Micro, Akamai, Wireshark, Windows, Citrix, CrowdStrike, Snowflake, Panther.
- Key Skills: Analysis, Troubleshooting, Investigation, Documentation, Problem Solving, Critical Thinking, Customer Service.
-
SOC Analyst
1 week ago
Koniag Government Services Baltimore, United StatesTGS · Job ID · Tuknik Government Services, a Koniag Government Services company , is seeking a SOC Analyst that is able to obtain a Public Trust Clearance to support TGS and our government customer in Baltimore, MD. · We offer competitive compensation and an extraordinary benefi ...
-
SOC Security Analyst
3 weeks ago
BlueVoyant Baltimore, United StatesSOC Security Analyst (Level 2) · The preference is hybrid out of College Park, Maryland but remote US based candidates will be considered. Either way, the schedule will be a Panama schedule: (slow rotating shift pattern that uses 4 teams and two 12-hour shifts to provide 24/7 cov ...
-
L3 SOC Analyst
4 weeks ago
Noralogic Inc Baltimore, United StatesHi , · My name is Jitender and I would like to speak with you about a job opportunity that I am currently staffing for a client of ours. I came across your resume in our database and your work experience appears to align well with the position I am looking to fill. Please take a ...
-
SOC Analyst/Threat Hunter
4 days ago
Zachary Piper Solutions Baltimore, United StatesZachary Piper Solutions is seeking · Security Operations Center (SOC) Analysts · for positions supporting a cabinet-level government agency. This is a · hybrid · position with some onsite work required in · New Carrollton, MD . The · SOC Analyst · will be responsible for p ...
-
SOC Analyst Cyber Engineering Services
4 days ago
Cyberesi Cg Baltimore, United StatesMonitor organization's networks for security breaches and investigate a violation when one occurs. Recommend and/or implement mitigation actions in response. Prepare tickets that document security breaches and the extent of the damage caused by the breaches. Uses data collected f ...
-
SOC Security Analyst
2 weeks ago
BlueVoyant College Park, United StatesSOC Security Analyst (Level 2) · The preference is hybrid out of College Park, Maryland but remote US based candidates will be considered. Either way, the schedule will be a Panama schedule: (slow rotating shift pattern that uses 4 teams and two 12-hour shifts to provide 24/7 cov ...
-
SOC Security Analyst
3 weeks ago
BlueVoyant College Park, United StatesSOC Security Analyst (Level 2) · The preference is hybrid out of College Park, Maryland but remote US based candidates will be considered. Either way, the schedule will be a Panama schedule: (slow rotating shift pattern that uses 4 teams and two 12-hour shifts to provide 24/7 co ...
-
SOC Security Analyst
2 weeks ago
BlueVoyant College Park, United StatesSOC Security Analyst (Level 2) · Read all the information about this opportunity carefully, then use the application button below to send your CV and application. · The preference is hybrid out of College Park, Maryland but remote US based candidates will be considered. Either ...
-
SOC Security Analyst
2 weeks ago
BlueVoyant College Park, United StatesJob Description · Job DescriptionSOC Security Analyst (Level 2) · The preference is hybrid out of College Park, Maryland but remote US based candidates will be considered. Either way, the schedule will be a Panama schedule: (slow rotating shift pattern that uses 4 teams and two 1 ...
-
Senior SOC Security Analyst
3 weeks ago
General Dynamics Information Technology Lanham, United StatesTransform technology into opportunity as a Senior Information Security Analyst with GDIT.The Senior SOC Analyst is responsible for overseeing the operational activities of the Security Operations Center (SOC), ensuring that the organization's digital assets are protected from una ...
-
SOC Analyst/Threat Hunter
2 weeks ago
Piper Companies New Carrollton, United StatesZachary Piper Solutions is seeking · Security Operations Center (SOC) Analysts · for positions supporting a cabinet-level government agency. This is a · hybrid · position with some onsite work required in N ew Carrollton, MD . The · SOC Analyst · will be responsible for pro ...
-
Senior SOC Security Analyst
3 weeks ago
NES Associates Lanham, United StatesType of Requisition · Regular · Clearance Level Must Currently Possess None · Clearance Level Must Be Able to Obtain None · Suitability Public Trust/Other Required: · MBI (T2) · Job Family Information Security · Job Qualifications Skills Cloud Applications, SIEM Tools, Splunk En ...
-
Senior SOC Security Analyst
2 weeks ago
General Dynamics Information Technology Glenn Dale, United StatesTransform technology into opportunity as a Senior Information Security Analyst with GDIT. · The Senior SOC Analyst is responsible for overseeing the operational activities of the Security Operations Center (SOC), ensuring that the organization's digital assets are protected from ...
-
Senior SOC Security Analyst
3 weeks ago
General Dynamics Information Technology Lanham, United StatesReq ID: RQ174316 · Type of Requisition: Regular · Clearance Level Must Be Able to Obtain: None · Public Trust/Other Required: MBI (T2) · Job Family: Information Security · Skills: · Cloud Applications,SIEM Tools,Splunk Enterprise Security · Experience: · 4 + years of related expe ...
-
SOC Analyst/Threat Hunter
2 weeks ago
Piper Companies Hyattsville, United StatesZachary Piper Solutions is seeking Security Operations Center (SOC) Analysts for positions supporting a cabinet-level government agency. This is a hybrid position with some onsite work required in New Carrollton, MD. The SOC Analyst will be responsible for protecting enterprise n ...
-
Senior SOC Security Analyst
2 weeks ago
General Dynamics Information Technology Lanham, United StatesReq ID: RQ174838 · Type of Requisition: Regular · Clearance Level Must Be Able to Obtain: None · Public Trust/Other Required: MBI (T2) · Job Family: Information Security · Skills: · Cloud Applications,SIEM Tools,Splunk Enterprise Security · Experience: · 4 + years of related expe ...
-
Senior SOC Security Analyst
2 weeks ago
General Dynamics Lanham, United StatesResponsibilities for this Position · Location: USA MD Lanham Ellin Rd (MDC002) · Full Part/Time: Full time · Job Req: RQ174838 · Type of Requisition: · Regular · Clearance Level Must Currently Possess: · None · Clearance Level Must Be Able to Obtain: · None · Suitabi ...
-
SOC Security Analyst I
2 weeks ago
BlueVoyant College Park, United StatesBlueVoyant is looking for a SOC Security Analyst I to help our global customers manage their IT security. You will be part of a fast-paced team that helps customers to reduce the impact of security incidents and ensures that critical business operations continue unhindered. · Thi ...
-
Jr. SOC Security Analyst
3 weeks ago
General Dynamics Information Technology Lanham, United StatesReq ID: RQ174328 · Type of Requisition: Regular · Clearance Level Must Be Able to Obtain: None · Public Trust/Other Required: MBI (T2) · Job Family: Information Security · Skills: · IDS,Incident Response,SIEM Tools,Splunk,Wireshark · Experience: · 2 + years of related experience ...
-
Jr. SOC Security Analyst
2 weeks ago
General Dynamics Information Technology Glenn Dale, United StatesTransform technology into opportunity as a Junior Information Security Analyst with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you'll be at the forefront of innovation and play a meaningful part in improving how agencies o ...
MidLevel Security Operations Center SOC Analyst - Baltimore, United States - Cybervance
Description
Mid-Level Security Operations Center (SOC) Analyst **
** Baltimore, MD | Full Time
Cybervance is an equal opportunity employer that designs, develops, and manages the successful execution of training programs for government and private sector organizations. Cybervance believes in creating innovative solutions to deliver measured results. We are looking to hire an Information Assurance Analyst to support a government civilian client in incident tracking and examination support in the capital market system. This position is available immediately upon finding a well-qualified candidate with the ability to obtain the appropriate background clearance.
Clearance Required: Public Trust
Position Responsibilities:
Job Requirements:
Additional Experience Preferred:
Certifications/Licenses:
One or more of the following industry standard certifications: