Clearance Level Needed: Secret
Category: Systems Development
Under the general supervision of the SOC Team Lead, the SOC Analyst is expected to monitor security feeds streaming from client servers, network devices, and end user workstations, operate and maintain network security equipment, and deploy new security detection and protection solutions.
- Responsible for security incident response on client networks.
- Utilize the latest in network security technology while providing Computer Network Defense and Information Assurance (IA) support to the customer.
- Expected to be familiar with a wide range of security tools and understand basic security fundamentals.
- Perform information security event analysis; must possess knowledge of operating systems, TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis.
- Utilize vulnerability assessment software in support of customer requirements.
- Must be able to research, develop, and communicate solutions to detected security incidents in a timely manner.
- IDS/IPS (Intrusion Detection System/Intrusion Prevention System) monitoring
- Proactive remediation of new exploits
- Incident Reporting
- Incident handling and response
- Log review
- Security process improvement
- Cyber Security website review
- Packet analysis and use of packet capture tools
- Secret clearance – preferred with SSBI
- CompTIA Security+ CE or higher
- Operating system certification (Windows Server Administration) or proof of training (certificate)
- DISA HBSS Admin (201) ePO5.3 Course (2016)
- DISA HBSS Advanced (301) ePO5.3 Course (2016)
- DISA HBSS Advanced (501) ePO5.3 Course (2015)
- DISA ACAS Version 5.3 (2016)
- Experience with IA tools. Preferred experience with the following tools: QRadar, ACAS (Tenable), and Intrusion Detection.