Job ID: SOC Analyst - Tier *** ).
Rate may vary depending on candidate preference for either w-2 (benefits or no benefits) or must have a ‘LLC’ –limited liability corporation.
Location: Washington, DC
Years of experience: 11+ years’ experience.
Duration: *** +
Number of positions: 1
The Tier 3 SOC Analystis a cyber technical resource responsible for leading a team of Tier 1 & 2 SOC Analysts to monitor, detect, analyze, remediate, and report on cyber events & incidents impacting the IT infrastructure of the DC Government.
The SOC Analyst - Tier 3is cybersecurity technical resource responsible for providing technical analytical oversight over a team of Tier 2 and 1 SOC Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents impacting the technology infrastructure of the Government of the District of Columbia. The ideal candidate will have an advanced technical background with significant experience in an enterprise successfully leading a SOC team or unit responsible for analysis and correlation of cybersecurity event, log, and alert data. The candidate will be skilled in understanding, recognition, and root-cause detection of cybersecurity exploits, vulnerabilities, and intrusions in host and network-based systems.
Utilize advanced technical background and experience in information technology and incident response handling to scrutinize and provide corrective analysis to escalated cybersecurity events from Tier 2 analysts—distinguishing these events from benign activities, and escalating confirmed incidents to the Incident Response Lead.
Provide in-depth cybersecurity analysis, and trending/correlation of large data-sets such as logs, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cybersecurity incidents, and make sound technical recommendations that enable expeditious remediation.
Proactively search through log, network, and system data to find and identify undetected threats.
Conduct security tool/application tuning engagements, using McAfee ESM and McAfee ePO, with analysts and engineers to develop/adjust rules and analyze/develop related response procedures, and reduce false-positives from alerting.
Identify and ingest in...