Info Security Analyst III

Location: Oak Ridge, TN
Date Posted: 10-11-2018
This is an exciting opportunity to be part of a key team of cyber security professionals, supporting full life cycle cyber security operations for our customer. We are seeking an individual who can bring security analysis and incident response experience to support daily operations and help grow and mature our current SOC environment.
As a SOC Analyst you will directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response. Additionally, the analyst will assist the senior analyst staff with development and enhancement of existing detection and response capabilities, including creation of SIEM content, IDS rules, SOP documentation, and implementation of incident response methodologies.
Responsibilities:
• General SIEM monitoring, analysis, content development, and maintenance
• Research, analysis, and response for alerts, including log retrieval and documentation
• Conduct analysis of network traffic and host activity across a wide array of technologies and platforms
• Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
• Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management
• Process abuse inbox emails (spam, phishing, etc.)
• Process tickets assigned to the SOC/CSIRT group
• Maintain strong standards, and promote productivity, accountability and high morale
• Influence and improve upon existing processes through innovation and operational change
• Ensure the SOC analyst team is providing excellent customer service and support
Required Qualifications:
• Up to 3 years of SOC or MSSP experience
• Strong analytical and investigation skills
• Working knowledge of security architectures and devices
• Working knowledge of threat intelligence consumption and management
• Working knowledge of root causes of malware infections and proactive mitigation
• Working knowledge of lateral movement, footholds, and data exfiltration techniques
• Track record of creative problem solving, and the desire to create and build new processes
• Strong time management and multitasking skills as well as attention to detail
• Experience working in fast-paced environments, and ability to manage workload even during times of stress or escalated activity
• Comfortable with impromptu tasking and loosely defined requirements
• Excellent oral and written communication skills
 
Preferred Qualifications:
• Experience with Splunk
• Experience with active threat hunting and adversary tracking
• Experience with one or more scripting languages (e.g., Python, JavaScript, Perl)
• Bachelor’s degree or higher in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems, etc.
• Experience as a government contractor
• Relevant security certifications (CISSP, GCIA, GCIH, GREM, CEH, etc.)
 
Clearance Requirement:
• Ability to obtain a Public Trust Clearance
 