SOC Analyst/Incident Responder

Full Time
Alexandria, VA
Job description

Overview: Soft Tech Consulting is seeking a highly motivated, self-directed individual to fill the role of a SOC Analyst/Incident Responder for an existing government client. The place of performance is in Franconia/Springfield, VA.

* MUST HAVE AT LEAST AN INTERIM SECRET CLEARANCE *

Responsibilities:

  • Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats.
  • Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security.
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
  • Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
  • Perform cyber defense trend analysis and reporting.
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
  • Track and document cyber defense incidents from initial detection through final resolution.
  • Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
  • Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
  • Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Serve as technical expert and liaison to law enforcement personnel and explain incident details as required.
  • Coordinate with intelligence analysts to correlate threat assessment data.
  • Write and publish after action reviews.
  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
  • Coordinate incident response functions.

Qualifications:

  • Bachelor's Degree + 2 yrs: The applicant will have a Bachelor's Degree (computer science, cybersecurity, information technology, software engineering, information systems, or computer engineering preferred) and 2+ years of relevant experience in at least one of the following areas: security operations, incident response, network security operations, network/host intrusion detection, threat response, or specialized experience in information technology, information security, or cybersecurity.
  • No Degree + Cert + 5 yrs: Or, in lieu of a specialized degree, the applicant will have an industry certification (CISSP, SSCP, CASP+, or GCIH) and 5+ years of relevant experience in at least one of the following areas: security operations, incident response, network security operations, network/host intrusion detection, threat response, or specialized experience in information technology, information security, or cybersecurity.
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • Working knowledge of tasks involved in incident response operations for a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC).
  • Proficient with monitoring and investigating security events using security tools.
  • Proficient with reviewing alerts to determine relevancy/urgency and communicating the assessment to others for action.
  • Proficient with performing incident response analysis based on investigation requirements.
  • Skilled at communicating with external groups in response to or with the resolution of identified issues.
  • Proficient with supporting/developing reports during and after incidents, which include all actions taken to properly mitigate, recover, and return to normal operations.
  • Proficient independently authoring clear and concise reports.
  • Proficient with drafting and reviewing documents including operational procedures, user guides, and manuals.
  • Adept at suggesting relevant process improvements to leadership.
  • Propensity for discovering and supporting new analytic methods for detecting threats.
  • Knowledge of the Open Systems Interconnection (OSI) model and underlying network protocols (e.g., Transmission Control Protocol and Internet Protocol (TCP/IP)).
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Skilled in using security event correlation tools.
  • Skilled in analysis of log files from a variety of sources.
  • Must be proficient with 2 or more tools (Splunk, Tanium, Tenable, and/or Symantec).
  • Must be flexible to work in a 5x24 environment across all shifts, Monday through Friday.
  • Shall meet or exceed National Initiative for Cybersecurity Careers and Studies (NICCS) code PR-CIR-001 knowledge, skills, and abilities at an “Intermediate Level”.

About Us: Soft Tech Consulting, Inc. is a woman- and minority-owned business headquartered in Chantilly, VA. With contracts in both the public and private sectors in the DC metro area and across the country, Soft Tech is an organization made up of highly successful and talented Information Technology professionals offering enterprise-class solutions for any size organization at great value. Soft Tech's mission is to help government organizations design, implement, and maintain mission-critical Information Technology solutions. By focusing jointly on our employees and our customers, we are able to achieve our mission by providing each and every one of our customers with continuous, quality customer support.

Soft Tech Consulting, Inc. is an Equal Opportunity Employer.

Job Type: Full-time
