Cyber SOC Analyst Level II or III DAYS
Catapult Consultants is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. An analyst with Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Team (CIRT) experience, needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
Position supports Tier 2 and 11AM - 7PM shift
Responsibilities will include:
- Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
- Follows strict guidance on reporting requirements
- Keeps management informed with precise, unvarnished information about security posture and events
- Promotes standards-based workflow both internally and in coordinating with US-CERT
- Engages with other internal and external parties to get and share information to improve processes and security posture
- Supervises and guide team efforts
- Communicates to CISO leadership
- Produces design documentation
- Leads analyzing/investigating reports or anomalies
- Must be eligible to obtain a sensitive clearance Position of Public Trust and may be required to obtain a higher security clearance
- 6+ years of relevant work experience for a Level II
- 8+ years of relevant work experience for a Level III
- Knowledge of networking protocols and security implications
- Knowledge of IP networking and network security including Intrusion Detection
- Ensuring firewall security standards are met
- Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
- Trouble ticket generation and processing experience
- Extensive experience troubleshooting security reports on Linux, Windows, routers, firewalls, applications, etc.
- Experience scripting with PowerShell, bash/ksh/sh, Cisco IOS.sh, JunOS sh/csh, Perl, Tcl, Lua
- Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
- Some experience with system hardening guidance and tools
- Security documentation experience (DIACAP/RMF)
- Some Splunk query-development expertise
- Experience on an Incident Response team performing Tier I/II initial incident triage.
- Experience guiding junior analysts
- Experience guiding junior Security operations teams in incident response
- Strong verbal/written communication and interpersonal skills to effectively communicate findings, escalate critical incidents, and interact with Sec Ops leadership.
- Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting.
- Splunk experience, developing queries, data models, and dashboards
- Some digital analysis and forensics experience using Encase, Palantir, I2 Analysts Notebook, FTK or similar tools
- Excellent writing skills
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.
DODI 8570.1-M Compliance at IAT Level II;
CISSP, Certified Ethical Hacker (C|EH), SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, CCNA
Public Trust Current
Information and Knowledge Systems
Type Of Job
VA - Merrifield
Catapult Consultants is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Abilities Required: While performing the duties of this job the employee is regularly required to sit and use hands to finger, handle, or feel while typing at a computer keyboard.The employee is occasionally required to stand, walk, reach, or lift objects up to 10 pounds.The employee is frequently required to talk or hear. The vision requirements include: close vision.
Catapult Consultants is an Equal Opportunity Employer. We believe that every employee has the right to work in a dignified work environment free from all forms of discrimination and harassment. Its our policy to recruit, employ, retain, compensate, train, promote, discipline, terminate and otherwise treat all employees and job applicants based solely on qualifications, performance, and competence. This policy reflects our belief that providing equal opportunities for all employees is a both our legal and moral responsibility, and good management practice.
All employees and applicants are treated without regard to age, sex, color, religion, race, national origin, citizenship, veteran status, current or future military status, sexual orientation, gender identification, marital or familial status, disability or any other status protected by law.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.