SOC Analyst -Tier 2 Job requirement

JOB ID:SOC Analyst -Tier *** ).

Rate may vary depending on candidate preference for either w-2 (benefits or

no benefits) or must have a 'LLC' -limited liability corporation.

Location:Washington, DC

Years of experience:6+ years' experience.

Duration: *** +

Number of positions:1

Interviews:Either WebCam or in-person.


The SOC Analyst is a tier 2 tech resource responsible for monitoring,

detecting, analyzing, remediating, and reporting on cyber events and

incidents impacting the tech infrastructure of the District of Columbia.

Serves as advanced escalation point.



The SOC Analyst - Tier 2 is cybersecurity technical resource responsible for

providing technical analytical guidance to a team of Tier 1 SOC Analysts to

monitor, detect, analyze, remediate, and report on cybersecurity events and

incidents impacting the technology infrastructure of the Government of the

District of Columbia. The ideal candidate will have an advanced technical

background with experience in an enterprise successfully leading a SOC unit

or area of responsibility for analysis and correlation of cybersecurity

event, log, and alert data. The candidate will be skilled in understanding,

recognition, and root-cause detection of cybersecurity exploits,

vulnerabilities, and intrusions in host and network-based systems.


Utilize technical background and experience in information

technology and incident response handling to scrutinize and provide

corrective analysis to escalated cybersecurity events from Tier 1 SOC

Analysts-distinguishing these events from benign activities, and escalating

confirmed incidents to Tier 3 Analysts.

Provide in-depth cybersecurity analysis, and

trending/correlation of large data-sets such as logs, event data, and alerts

from diverse network devices and applications within the enterprise to

identify and troubleshoot specific cybersecurity incidents, and make sound

technical recommendations that enable expeditious remediation.

Proactively search through log, network, and system data to

find and identify undetected threats.

Support security tool/application tuning engagements, using McAfee ESM

and McAfee ePO, with analysts and engineers to develop/adjust rules and

analyze/develop related response procedures, and reduce false-positives from


Identify and ingest indicators of compromise (IOC's) (e.g.,

malicious IPs/URLs, etc.) into network security tools/applications to

protect the Government of the District of Columbia network.

Quality-proof technical advisories and assessments prior to

release from the SOC.


See full