Job Description
Job Title: SOC Analyst
Location: Ashburn, VA (Remote)
Experience: 2+ Entry Level
Work Authorization: USC, GC and EAD

Job Details:

1. Supporting the Cyber Defense Operations Center (CDOC) team, provide event triage, response, and log analysis, including:
   • Triage events and alerts to determine whether an incident has occurred, including locating owners of assets, validating whether an event was a true positive, and escalating incidents as necessary to the Incident Response team (CSIRT)
   • Perform rapid response and triage of security reports from Cybercrime and other teams, investigating appropriately, containing, escalating based on the determination, and closing tickets
   • Perform thorough analysis of email phishing reports and threats. Ensure appropriate containment & eradication is performed based on the perceived threat & documented guidance
   • Facilitate communication and collaborate with internal teams, management, and external stakeholders to provide timely updates on incident progress
   • Perform basic forensic examinations on hosts and support CSIRT on response tasks when engaged
   • Create recommendations and requirements for detection content and response

2. Demonstrate solid understanding & experience with security controls/tooling used by CDOC, including:
   • Splunk and Elasticsearch (SIEM/Logging)
   • Splunk SOAR (Case Management)
   • Endpoint Security: Microsoft Defender for Endpoint, CrowdStrike, Wazuh, & Tanium
   • Network Security: Netskope SWG and CASB, Palo Alto IPS, CloudFlare WAF, Extrahop, & NetWitness
   • IAM: Azure AD
   • Intermediate knowledge of Public Cloud environments to support AWS & GCP threat response

3. Strong understanding of networking & a variety of IT systems, apps, & their operational configurations

4. Knowledge of Threat Actor tactics, techniques, and procedures (TTPs), log analysis, network traffic analysis, and analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise

5. Strong oral & written communication abilities to engage with internal stakeholders within & outside of InfoSec

6. Roles will support 8-hour work shifts (during the day)

7. Roles may require overtime, on-call, & weekend coverage (shift rotation) from time to time

Apply to this job