Location: Herndon, VA
Duration: 1+ years
Rate: $43/hr W2
- SOC Tier 1 Analyst must be willing to work in a 24x7x365 Security Operations Center environment. Including Holidays.
- Demonstrate intuitive problem solving skills and allow for flexible scheduling.
- Monitor network traffic for security events and perform triage analysis to identify security incidents.
- Respond to computer security incidents by collecting, analyzing, preserving digital evidence and ensure that incidents are recorded and tracked in accordance with SOC requirements.
- Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
- Ability to obtain Clearance.
- Performs network security monitoring and incident response for a large organization, coordinates with other government agencies to record and report incidents.
- Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
- Monitors and analyzes Security Information and Event Management SIEM to identify security issues for remediation.
- Knowledge of creating Security Information Event Management SIEM tool rules.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
- Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems. Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
- Recommend changes to Standard Operating Procedures and other similar documentation
- Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
- 1-3 + years of related experience in information technology and/or information security preferred
- An understanding of Cyber Security Incident Response and Network Security Monitoring
- Fundamental understanding of computer networking (TCP/IP)
- Knowledge of Windows, Linux and Cisco operating systems and information security
- Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls and Sourcefire and similar tools preferred.
- • Ability to obtain Clearance.
- Desirable certifications include, but not limited to:
- o CompTIA Security+, SANs GSEC, GCIH, GCIA. Carnegie Mellon SEI Certified Incident Handler. Security. EC Council C|EH, Microsoft MCSE
(732) 983-5528 Ext.166
1001 Durhan Avenue, Suite 201
South Plainfield, NJ, 07080