Security Operations Center (SOC) Analyst (Junior)

ECS is seeking a Security Operations Center (SOC) Analyst (Junior) to work in our Windsor Mill, MD office.

Iron Vine Security, an ECS Federal company, is a rapidly growing information security and information technology company in Fairfax, VA. We are looking to hire a Junior Cyber Security Analyst to provide a full range of cyber security services on a long-term contract in Baltimore, MD. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

• Must have familiarity with US-CERT Federal Incident Notification Guidelines

• Splunk, Elastic, Snowflake, and Akamai WAF experience preferred

• Working knowledge of CrowdStrike, TrendMicro and McAfee host-based solutions

• Knowledge of log, network, and system forensic investigation techniques

• Experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, or intrusion prevention/detection logs

• Experience with packet analysis (Wireshark) and malware analysis preferred

• Experience conducting intelligence driven defense utilizing the MITRE ATT&CK framework and Cyber Kill Chain (CKC)

• Diverse knowledge base of operating systems, network protocols, system administration, and security technologies

• Knowledge of TCP/IP Networking and the OSI model

• Experience monitoring threats via SIEM console

• Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems

• Strong customer service skills and decision-making skills

• Working knowledge of client infrastructure preferred

• Perform hunting for malicious activity across the network and digital assets

• Respond to computer security incidents and conduct threat analysis

• Identify and act on malicious or anomalous activity

• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network

• Perform detailed investigation and response activities for potential security incidents

• Provide accurate and priority driven analysis on cyber activity/threats

• Perform payload analysis of network packets

• Recommends implementation of counter-measures or mitigating controls

• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment

• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity

• Create and continuously improve standard operating procedures used by the SOC

• Resolve or coordinate the resolution of cyber security events

• Monitor incoming event queues for potential security incidents

• Create, manage, and dispatch incident tickets

• Monitor external event sources for security intelligence and actionable incidents

• Maintain incident logs with relevant activity

• Document investigation results, ensuring relevant details are passed to SOC Lead, Incident Management team and stakeholders

• Participate in root cause analysis or lessons learned sessions

General Description of Benefits

Requirements:

• CompTIA Security

• EC Council Certified Ethical Hacker (CEH)

• Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Certified Incident Handler (GCIH)

Req Benefits: Pay Transparency In order to support the Fair Compensation Strategy by the US Govt., HR Dept., clients are required to adhere to "Pay Transparency Law"; in the impacted states; that have mandated the employers to list the salary ranges in Job advertisements or postings for job opportunities and Job promotions.