Senior Cyber Security SOC Analyst ( R-00050662 )
This role serves as the Cyber Security Analyst position for the SOC program. This position is responsible for engineering design, security tools maintenance and development of cyber security technology along with integration of new architectural features into existing infrastructure.
Candidate shall have more than 5 years of experience working within an enterprise operations environment with a focus on cyber security. Perform security tools maintenance as required. Support multi-disciplined teams in the design and implementation of the cyber security system architecture.
Candidates shall also have specialized experience in one of the following areas:
a) Monitoring and Detection Analyst: Candidates shall have a minimum of three (3) years of professional experience in cybersecurity, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention, Encryption, Two‐Factor Authentication, Web‐filtering, and Advanced Threat Protection.
b) Incident Response Analyst:
Candidates shall have a minimum of three (3) years of professional experience responding to information system security incidents and an ability to use the DHS furnished toolset to identify and determine root causes of incidents and provide any required documentation and possible evidence to authorized personnel who carry legal or investigative authorities.
c) Cyber Intelligence Analyst: Candidates shall have at least three (3) years of professional experience in incident detection and response and/or cyber intelligence analysis. Primary Responsibilities Serves as a Tier 2 cyber security analyst supporting one or more of the following areas: - incident response - monitoring and detection - cyber intelligence analysis Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices. Must possess expert knowledge in two or more of the following areas: Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Encryption, Web‐filtering, Advanced Threat Protection.
Basic Qualifications Ability to obtain public trust clearance. Minimum five (5) years of professional experience in incident detection and response, malware analysis, or cyber forensics. In addition, minimum of three (3) years of specialized experience in one or more of the following areas: - Monitoring and detection - Incident Response - Cyber security analysis At least one of the following certifications SANS: GCIH, GCIA SEI: CSIH Preferred Qualifications Experience with Cyber Kill Chain, CDM tools Bigfix/forescout/nessus.
EDUCATION & EXPERIENCE: BS degree and 4 – 8 years of prior relevant experience in order to operate within the scope contemplated by the level.