Cybersecurity SOC Analyst

About NFF:

Networking For Future, Inc. (NFF) is a technology firm offering Network Services and Software Services to our clients. As a Certified Cisco Gold Partner, NFF provides network assessments, integration and design; IP telephony; wireless; and Information Security. Our Software Services practice includes Application Development, Content Management Integration, and large database/data warehouse integration services, as well as Professional Services. We differentiate ourselves as an organization that focuses on people, both our clients and our employees. We are committed to empowering our employees by creating an environment for growth, partnership, respect and creativity. For the second year in a row, NFF was named one of Inc. magazine's Fastest Growing Private Companies.
About this Position / Responsibilities:

Summary
The SOC Analyst is a Tier 2 technical resource responsible for monitoring, detecting, analyzing, remediating, and reporting on cyber events and incidents impacting the technology infrastructure of the District of Columbia. The analyst serves as an advanced escalation point.

Specific tasks
1. Provide in-depth cybersecurity analysis and trending of logs, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cybersecurity incidents, and make sound recommendations that enable expeditious remediation.
2. Conduct security tool/application (for example, McAfee SIEM) tuning engagements with analysts and engineers to develop/adjust rules and analyst response procedures and reduce false positives from alerting.
3. Utilize an advanced background and experience in information technology and incident response handling to scrutinize cybersecurity events escalated from Tier 1 analysts, distinguishing these events from benign activity and escalating confirmed incidents to the incident response lead.
4. Recognize, create and ingest indicators of compromise (IOCs) for attacker tools, tactics, and procedures into network security tools/applications (for example, McAfee SIEM, Palo Alto content filter, Anomali ThreatStream) to protect the Government of the District of Columbia network.
5. Provide technical and analytical guidance to Tier 1 analysts, and quality-proof their analytical advisories and assessments prior to release from the SOC.
6. Coordinate with and provide expert technical support to enterprise-wide technicians and staff to resolve confirmed incidents.
7. Report common and repeat problems (trend analysis) to SOC management and propose process and technical improvements to increase the effectiveness and efficiency of the incident handling process.
8. Respond to inbound requests via phone and other electronic means for technical assistance, and resolve problems independently. Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.

Qualifications:

Minimum qualifications
1. Five years of hands-on operational experience as a cybersecurity analyst/engineer in a security operations center, or equivalent knowledge in areas such as cybersecurity operations, incident analysis and handling, vulnerability management, log analysis, and intrusion detection.
2. In-depth understanding of cybersecurity countermeasures for adversarial activities such as network probing and scanning, distributed denial of service (DDoS), phishing, and malicious code activity such as worms, Trojans, viruses, etc.
3. In-depth hands-on experience analyzing and responding to security events and incidents with a majority of the following technologies and/or techniques: leading security information and event management (SIEM) technologies, intrusion detection/prevention systems (IDS/IPS), network- and host-based firewalls, data leak protection (DLP), database activity monitoring (DAM), web content filtering, vulnerability scanning tools, endpoint protection, secure coding, etc.
4. Excellent interpersonal, organizational, oral communication and customer service skills.
5. Strong knowledge of cybersecurity attack methodology, including tactics and techniques, and the associated countermeasures.
6. Strong knowledge of TCP/IP protocols, services, and networking, and experience identifying, analyzing, containing, and eradicating cybersecurity threats.
7. Adept at proactively searching the internet and other sources to identify cybersecurity threat countermeasures not previously ingested into network security tools/applications, and applying them to protect the Government of the District of Columbia network.
8. Excellent ability to multi-task, prioritize, and manage time and tasks effectively.
9. Ability to work effectively in stressful situations.
10. Strong attention to detail.

The ideal candidate will have a technical background with significant previous experience in an enterprise environment with the following:
1. Previous experience leading a SOC team unit responsible for analysis and correlation of cybersecurity event data.
2. Skilled in understanding, recognizing, and detecting cybersecurity exploits, vulnerabilities, and intrusions in host- and network-based systems.
3. Comprehensive knowledge of defense-in-depth principles and network security architecture.
4. Experience with review of raw log files, and data correlation across firewall, network flow, IDS, and system logs.
5. Experience in host forensics.
6. Knowledge of common network tools (e.g., ping, traceroute, nslookup).
7. Comprehensive understanding of network services and Windows/Unix ports and services.
8. Understanding of database structure and queries.

Minimum education/certification requirements
1. Undergraduate degree in computer science, information technology, or a related field.
2. GCIA, GCED, GPEN, GCIH or similar industry certification desired.

This position requires shift work in an 11×5 environment, and the capacity to work evening, overnight, and weekend hours as required. This position does not require a U.S. Government security clearance. Ongoing travel is not anticipated.
NFF Disclosures:

NFF provides a competitive salary and benefits package including health insurance (medical, prescription, dental, and vision), life and disability insurance, PTO, paid holidays, 401(k) match, Flexible Spending Accounts, commuter benefits, and educational assistance. Please visit the careers page of our website (www.nffinc.com) for more details.

VOLUNTARY SELF-IDENTIFICATION FORM (CONFIDENTIAL)

We are an Equal Opportunity Employer and do not discriminate on the basis of race, color, religion, sex, age, national origin, disability, veteran status, sexual orientation or any other classification protected by Federal, state, or local law. NFF is subject to certain governmental recordkeeping and reporting requirements for the administration of civil rights laws and regulations and affirmative action. In order to comply with these laws, we invite you to voluntarily self-identify your gender, race and ethnicity. Submission of this information is voluntary and refusal to provide it will not subject you to any adverse treatment. The information will be kept confidential and will only be used in accordance with the provisions of applicable laws, executive orders and regulations, including those that require the information to be summarized and reported to the federal government. When reported, data will not identify any specific individual. This information will not be shared with hiring managers, will be kept separate from your application data and will not affect any employment decisions.

Source: https://jobs-nffinc.icims.com/jobs/2261/cybersecurity-soc-analyst/job?mode=job&iis=Indeed&iisn=Indeed.com&mobile=false&width=1152&height=500&bga=true&needsRedirect=false&jan1offset=360&jun1offset=360