ECS is seeking a SOC Analyst to work in our Washington, DC office.

Job Description:

• Perform hunting for malicious activity across the network and digital assets
• Respond to computer security incidents and conduct threat analysis
• Identify and act on malicious or anomalous activity
• Mentor and lead SOC Tier 1 Analysts in cybersecurity techniques and processes
• Manage six directly reporting Tier 1 Analysts, and act as deputy manager to an additional six Tier 1 analysts reporting to a sub-contractor.
• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
• Perform detailed investigation and response activities for potential security incidents
• Provide accurate and priority driven analysis on cyber activity/threats
• Perform payload analysis of packets
• Recommends implementation of counter-measures or mitigating controls
• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
• Create and continuously improve standard operating procedures used by the SOC
• Resolve or coordinate the resolution of cyber security events
• Monitor incoming event queues for potential security incidents
• Create, manage, and dispatch incident tickets
• Monitor external event sources for security intelligence and actionable incidents
• Maintain incident logs with relevant activity
• Analyze the performance of the team through metrics and reporting
• Participate in root cause analysis or lessons learned sessions
• Participate in on-call rotation
• Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units

Salary Range: $60,000 - $70,000

General Description of Benefits

Required Skills:

• Bachelor's degree in Computer Science or related field or equivalent work experience
• Perform hunting for malicious activity across the network and digital assets
• Respond to computer security events, incidents and conduct threat analysis
• 2 years of Information Technology experience, with at least 2 years of experience in information security working within security operations and 2 years’ experience monitoring threats via a SIEM console
• Detailed understanding of NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide
• Exceptional working knowledge of TCP/IP Networking and the OSI model
• In-depth knowledge of the Intelligence driven defense utilizing the Cyber Kill Chain (CKC)
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Significant experience with packet analysis (Wireshark) and Malware analysis
• Strong working knowledge of Splunk preferred
• Strong customer service skills and decision-making skills
• Strong working knowledge of Windows and Linux command-line tools, networking protocols, systems administration and security technologies
• Strong working knowledge Hypertext Transfer Protocol response status codes
• Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies
• Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems

Desired Skills:

• Minimum of 2 years’ experience in SOC/CIRT with 2-3 years of specific experience as a Lead Analyst preferred
• Experience with Splunk and Microsoft Defender for Endpoint preferred
• Previous SOC/ CIRT experience at a federal agency similar in size, scope, and complexity

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800 employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.