SOC Analyst, Mid
Washington, DC, United States
Full Time Mid-level / Intermediate Clearance required USD 86K - 138K
Peraton
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly...Responsibilities
Responsible for the overall collection of operational and logistical data for assigned UAS at assigned location. Verify all data for accuracy, make appropriate changes to improve the accuracy, and transmit the data via established timelines and procedures. Acts as focal point for quality control from other sites, runs edits, corrects errors, and responds to customer contract requirements. Collects operational and logistical data on all assigned UAS platforms at your assigned location. Participates as a team member performing threat analyses based on knowledge on electronic warfare/intelligence systems and concept. Contributes to development of analytical threat models and provides functional guidance and direction to threat studies team in overall conduct of project(s). Supports team performing expert-level research and analysis of intelligence and related data support of threat studies. Provides advice, guidance, and direction to threat studies team. Supports team providing other technical services such as computer software system design/development, installation and integration planning, testing, and support of a wide range of systems that support intelligence functions.
Key Responsibilities:
- Conduct an analysis of current operations of the SOC, analyze how the work is being done, review alerts, and SOPs to make recommendations for proposed changes and improvements to SOC operations and response metrics.
- Develop and execute an Incident Response Plan and SOC Playbook.
- Utilize the authorized security tools to perform security analysis and triage security alerts and events to prevent, detect, contain, and remediate security and privacy incidents.
- Identify, analyze, triage, report, and coordinate with CSIRT and other stakeholders to remediate all information security incident types.
- Utilize the authorized Security Tool Set) to perform security analysis and triage security alerts and events to prevent, detect, contain, and remediate security and privacy incidents.
- Coordinate with the SIEM team to create and maintain security dashboards.
- Report all information security incidents through the proper authority.
- Investigate and positively identify anomalous events that are detected by security devices. or reported to the SOC from external entities, system administrators, and the user community, via security monitoring platform and tools, incoming phone calls, emails, and the Service Desk and Incident Tracking System.
- Conduct monitoring and analysis activities.
- Utilize network-based intrusion detection systems and other Security Information tools such as Event Management solutions (SIEM/Splunk) and Network Security Management solutions (such as Skybox Security, CISCO IPS/IDS, and Nessus) for the assessment, identification, and remediation of the incidents.
- Support Incident Management and Response requirements across the security incident lifecycle phases.
- Perform ad-hoc searches for suspect activity and reverse engineering of malicious software.
- Provide investigation, review, and recommendation documentation as necessary.
- Support development of reports and documentation including SOC Improvement Plan, Security Incident Reports, Program Status Report with reporting against Objectives and SLAs, Shift Change Reports, Measurable Activities Report (WAR), SOC Playbook updated, Incident Escalation Reports, daily Monitoring Reports
- Cross-train with Network O&M/Telephony/Mobile Computing Management to assist the monitoring of all communications connectivity (e.g., VSAT, DTS-PO, VPN, SD-WAN, MPLS, and TICs), as well as the devices that terminate communications links, to ensure uninterrupted communications and in the event of a failure, provide rapid identification and resolution of problems per defined SLAs.
- Monitor the wireless network infrastructure; networks used by software development teams; bandwidth utilization and availability of communications links; and LAN device security logs, identifying and ascertaining the nature of potential security violations, and protocol configuration, route table maintenance, and alternate path mechanisms.
*Contingent on Contract Award*
Qualifications
Basic Qualification:
- U.S. Citizen
- An active SECRET or the ability to obtain a SECRET Clearance.
- Bachelor’s degree with 5 – 7 years, master’s degree with 3 - 5 years, or PhD with 0 – 2 years; four (4) years of experience can be substituted in lieu of a bachelor’s degree.
- Experience leading incident response activities (Prepare, Identify, Contain, Eradicate, Recover)
- Experience using Security Operations (Sec Ops) tools, including any of the following: MTIPS, E3a, CASB, Qualys, Palo Alto Firewall, Palo Alto Panorama, Trellix, ForeScout CounterAct, HoneyPots, Google DLP, Entrust Identity Guard, Infoblox, KeePass, McAfee Antivirus, McAfee ePolicy Orchestrator, Microsoft Active Directory Certificate Services, Microsoft System Center Configuration Manager (SCCM), RSA token, RSA Archer, SailPoint, Skybox, Splunk, Syslog, Tenable Nessus, Thales, Valimail Enforce, VMWare AirWatch, Zimperium, EntryPoint, Tanium
- Knowledge of scripting languages (e.g., PowerShell, Python, Yara, SNORT, EQL)
- Amazon Web Services Cloud experience
- Experience working programs using ITIL v. 4 and/or Agile framework for Service Management
- Experience with the cloud-based workflow automation platform ServiceNow.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Target Salary Range
$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.Tags: Active Directory Agile Antivirus Automation CASB Clearance Cloud CSIRT Firewalls Honeypots IDS Incident response Intrusion detection IPS ITIL Monitoring Nessus Network security PhD PowerShell Privacy Python Qualys Reverse engineering RSA SailPoint Scripting Security analysis SIEM SLAs Snort SOC Splunk VMware VPN
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Product Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Editor jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs