Host based Systems Analyst /Senior SOC Analyst
Arlington, Virginia, United States
Full Time Senior-level / Expert Clearance required USD 100K - 153K *
Node.Digital
Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine LearningHost-based Systems Analyst /Senior SOC Analyst
Location: Arlington, VA
Must have an active Secret Security Clearance
Node provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide-front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity.
Node is seeking a Senior SOC Analyst to support this critical customer mission.
Responsibilities:
- Assisting Federal team leads with establishing and operating a Security Operations Center responsible for securing a highly dynamic environment supporting Incident Response and Threat Hunting experts
- Configuring and monitoring the Security Information and Event Management (SIEM) platform for security alerts.
- Scanning and monitoring system vulnerabilities on servers and infrastructure devices using a Threat and Vulnerability security solution; coordinating artifact collection operations.
- Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
- Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
- Collects network device integrity data and analyzes for signs of tampering or compromise
- Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, effects on system and information
- Characterize and analyze artifacts to identify anomalous activity and potential threats to resources
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Research and test new security tools/products and make recommendations for tools to be implemented in the SOC environment
- Planning, coordinating, and directing the inventory, examination, and comprehensive technical analysis of computer-related evidence
- Distilling analytic findings into executive summaries and in-depth technical reports
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Requirements
Required Skills:
- U.S. Citizenship
- Must have an active Secret clearance, TS/SCI preferred
- Must be able to obtain DHS Suitability
- Must demonstrate being a self-starter and give examples of leadership in customer-facing roles
- 8+ years of directly relevant experience in security operations using leading-edge technologies and industry-standard tools
- Experience with the analysis and characterization of cyber attacks
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- In-depth knowledge of CND policies, procedures, and regulations
- In-depth knowledge and experience of network topologies - DMZs, WANs, etc. and use of Palo Alto products
- In-depth knowledge and experience of Wifi networking
- In-depth knowledge of TCP/IP protocols such as ICMP, HTTP/S, DNS, SSH, SMTP, SMB,
- Experience using Elastic SIEM
- Experience with vulnerability assessment and monitoring tools such as Security Center, Nessus, and Endgame
- Experience with reconstructing a malicious attack or activity based on network traffic
- Experience incorporating Threat Intelligence
- Experience with Crowdstike, Gray Noise and Shodan
-Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Must be able to work collaboratively across physical locations.
Desired Skills:
-Proficiency in Elastic SIEM engineering
-Proficiency with Snort
-Proficiency with other EDR Tools (Crowdstrike, Carbon Black, etc)
-Proficiency with network analysis software (e.g. Wireshark)
-Proficiency with carving and extracting information from PCAP data
-Proficiency with non-traditional network traffic (e.g. Command and Control)
-Proficiency with preserving evidence integrity according to standard operating procedures or national standards
-Proficiency with designing cyber security systems and environments in a Linux
-Proficiency with virtualized environments
-Proficiency in conducting all-source research.
Required Education:
BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics and network forensic experience
Desired Certifications:
- GSOM, GSOC, GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA
Company Overview:
Node. Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
OUR CORE VALUES
Identifying the~RIGHT PEOPLE~and developing them to their full capabilities
Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner
We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence
Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions
Benefits
We are proud to offer competitive compensation and benefits packages to include:
- Medical
- Dental
- Vision
- Basic Life
- Long-Term Disability
- Health Saving Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Automation Carbon Black CCSP CEH CFCE Clearance CND Computer Science CrowdStrike DFIR DNS EDR EnCE Forensics GCFA GCFE GNFA Incident response Linux Monitoring Nessus OSCP PCAP Security Clearance SHODAN SIEM SMTP Snort SOC SSH TCP/IP Threat intelligence TS/SCI Vulnerabilities
Perks/benefits: Competitive pay Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs