JOB ID: SOC Analyst - Tier ***
Rate may vary depending on candidate preference for W-2 (with or without
benefits) or a contract through the candidate's own LLC (limited liability company).
Years of experience: 6+ years.
Duration: ***+
Number of positions: 1
Interviews: webcam or in-person.
The SOC Analyst is a Tier 2 technical resource responsible for monitoring,
detecting, analyzing, remediating, and reporting on cyber events and
incidents impacting the technology infrastructure of the District of Columbia.
Serves as the advanced escalation point for Tier 1 analysts.
SOC ANALYST - TIER 2
The SOC Analyst - Tier 2 is a cybersecurity technical resource responsible for
providing technical and analytical guidance to a team of Tier 1 SOC Analysts who
monitor, detect, analyze, remediate, and report on cybersecurity events and
incidents impacting the technology infrastructure of the Government of the
District of Columbia. The ideal candidate will have an advanced technical
background, with enterprise experience successfully leading a SOC unit
or area of responsibility for the analysis and correlation of cybersecurity
event, log, and alert data. The candidate will be skilled in understanding,
recognizing, and determining the root cause of cybersecurity exploits,
vulnerabilities, and intrusions in host- and network-based systems.
Utilize a technical background and experience in information
technology and incident response handling to scrutinize and provide
corrective analysis of cybersecurity events escalated from Tier 1 SOC
Analysts, distinguishing these events from benign activity and escalating
confirmed incidents to Tier 3 Analysts.
Provide in-depth cybersecurity analysis and trending/correlation of large
data sets, such as logs, event data, and alerts from diverse network devices
and applications within the enterprise, to identify and troubleshoot specific
cybersecurity incidents and make sound technical recommendations that enable
expeditious remediation.
Proactively search through log, network, and system data to
find and identify threats that existing detections have missed.
Support security tool/application tuning engagements with analysts and
engineers, using McAfee ESM and McAfee ePO, to develop/adjust rules,
analyze/develop related response procedures, and reduce false positives from
Identify and ingest indicators of compromise (IOCs) (e.g.,
malicious IPs/URLs) into network security tools/applications to
protect the Government of the District of Columbia network.
Quality-proof technical advisories and assessments prior to
release from the SOC.