Job ID: Cybersecurity SOC Analyst *** ).
Rate may vary depending on candidate preference for either w-2 (benefits or no benefits) or must have a ‘LLC’ –limited liability corporation.
Location: Washington, DC
Years of experience: 6-10 + years’ experience.
Duration: *** +
Number of positions: 1
Interviews: Either webcam or in-person.
Job Description:
The SOC Analyst is a tier 2 tech resource responsible for monitoring, detecting, analyzing, remediating, and reporting on cyber events and incidents impacting the tech infrastructure of the District of Columbia. Serves as advanced escalation point.
Summary:
The SOC Analyst is a tier 2 tech resource responsible for monitoring, detecting, analyzing, remediating, and reporting on cyber events and incidents impacting the tech infrastructure of the District of Columbia. Serves as advanced escalation point.
Specific tasks:
1. Provide in-depth cybersecurity analysis, and trending of log, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cybersecurity incidents and make sound recommendations that enable expeditious remediation.
2. Conduct security tool/application (for example, mcafee siem) tuning engagements with analysts and engineers to develop/adjust rules and analyst response procedures and reduce false-positives from alerting.
3. Utilize advanced background and experience in information technology and incident response handling to scrutinize escalated cybersecurity events from tier 1 analysts—distinguishing these events from benign activities, and escalating confirmed incidents to the incident response lead.
4. Recognize, create and ingest indicators of compromise (ioc’s) for attacker tools, tactics, and procedures into network security tools/applications (for example, mcafee siem, palo alto content filter, anomali threatstream) to protect the government of the district of columbia network.
5. Provide technical analytical guidance to, and quality-proofing of tier 1 analysts analytical advisories and assessments prior to release from soc.
6. Coordinate with and provide expert technical support to enterprise-wide technicians and staff to resolve confirmed incidents.
7. Report common and repeat ...
