SOC Analyst Mid
XOR Security is currently seeking a talented Tier 1 SOC Analysts to support an Agency-level SOC at CMS. The SOC program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. SOC Analysts will conduct security event monitoring, advanced analytics and response activities in support of the CND operational mission. To support this vital mission, XOR staff are on the forefront of providing Advanced CND Operations, and Systems Engineering support to include the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communications skills are a must along with the ability to work shift. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be familiar with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management.
Wednesday - Saturday, 6am - 4pm
- Must have familiarity with US-CERT Federal Incident Notification Guidelines
- Significant knowledge of Intelligence driven defense utilizing the Cyber Kill Chain (CKC)
- Significant Knowledge of TCP/IP Networking and knowledge of the OSI model
- A basic understanding of windows server domain infrastructure as well as desktop windows administration is required.
- Working knowledge of Intrusion Detection/Prevention Systems and Antivirus Endpoint Solutions
- Working knowledge of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Working knowledge of diverse operating systems, networking protocols, systems administration and security technologies
- Experience with packet analysis (Wireshark) and Malware analysis
- Experience monitoring threats via a SIEM console
- Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
- Strong customer service skills and decision-making skills
- CompTIA Network+ and Security+
- EC Council Certified Ethical Hacker (CEH)
- Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Certified Incident Handler (GCIH)
- 2 years of Information Technology experience, with at least 1 years of experience in information security working within security operations
- Experience with Splunk, RSA Security Analytics and Akamai Web Application Firewall preferred
- Experience at the Centers for Medicare and Medicaid Services (CMS) or U.S. Department of Health and Human Services (HHS)
- Previous SOC/ CIRT experience at a federal agency similar in size, scope, and complexity
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP