Job ID: SOC Analyst -Tier *** ).
Rate may vary depending on candidate preference for either W-2 (with or
without benefits) or an LLC (limited liability corporation), which is required otherwise.
Location: Washington, DC
Years of experience: 6+ years' experience.
Duration: *** +
Number of positions: 1
Interviews: Either webcam or in-person.
Job Description:
The SOC Analyst is a Tier 2 tech resource responsible for monitoring,
detecting, analyzing, remediating, and reporting on cyber events and
incidents impacting the tech infrastructure of the District of Columbia.
Serves as an advanced escalation point.
Summary
SOC ANALYST - TIER 2
The SOC Analyst - Tier 2 is a cybersecurity technical resource responsible for
providing technical analytical guidance to a team of Tier 1 SOC Analysts to
monitor, detect, analyze, remediate, and report on cybersecurity events and
incidents impacting the technology infrastructure of the Government of the
District of Columbia. The ideal candidate will have an advanced technical
background with experience in an enterprise successfully leading a SOC unit
or area of responsibility for analysis and correlation of cybersecurity
event, log, and alert data. The candidate will be skilled in understanding,
recognition, and root-cause detection of cybersecurity exploits,
vulnerabilities, and intrusions in host and network-based systems.
SPECIFIC TASKS
Utilize technical background and experience in information technology and
incident response handling to scrutinize and provide corrective analysis to
escalated cybersecurity events from Tier 1 SOC Analysts, distinguishing these
events from benign activities, and escalating confirmed incidents to Tier 3
Analysts.
Provide in-depth cybersecurity analysis, and trending/correlation of large
data-sets such as logs, event data, and alerts from diverse network devices
and applications within the enterprise to identify and troubleshoot specific
cybersecurity incidents, and make sound technical recommendations that
enable expeditious remediation.
Proactively search through log, network, and system data to find and
identify undetected threats.
Support security tool/application tuning engagements, using McAfee ESM and
McAfee ePO, with analysts and engineers to develop/adjust rules and
analyze/develop related response procedures, and reduce false-positives from
alerting.
Identify and ingest indicators of compromise (IOCs) (e.g., malicious IPs and
URLs) into network security tools/applications to protect the
Government of the District of Columbia network.
Quality-proof technical advisories and assessments prior to release from the
SOC.
Coordinate with and provide in-d...