SOC Security Analyst

Job Title : SOC Security Analyst (secret clearance required)

Job Location : Falls Church, VA

Pay Rate : $50 / hr - $53 / hr with a $105,000 - $110,000 Converstion

Duration : 6 month contract then direct hire / permanent guaranteed, at 6 months exactly. Long term candidates only. Tenured preferred.

Position Summary :

To be successful in this position you need to be collaborative and willing to work within a team. While you will need to be a self-starter completing tasks on your own, working together is critical in this role. You will be interfacing with the client and senior staff. Therefore, you should be articulate in your communications because your opinion matters. You will need to explain technical intricacies in a way that is easily understood.

Duties / Responsibilities : This position will include, but is not limited to, the following tasks :

• Perform forensic analysis of digital information and gathers and handles evidence. Identify network computer intrusion evidence and perpetrators.
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
• Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
• Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
• Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
• Identify security risks and exposures, determine the causes of security violations, and suggest procedures to halt future incidents and improve security.
• Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.
• Correlate data feeds and logs to analyze with known threats and incidents, build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.
• Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data.
• Provide guidance to junior-level staff, as necessary. May serve as team or task lead.
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Assists in the implementation, management, and administration of the organization's structure and workflow within eMASS.
• Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
• Assist in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
• Assist ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
• Assist in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
• Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.
• Other duties as assigned.

Basic Required Qualifications and Skills :

o At start date must possess an active CompTIA Security CE certification.

o At start date, must possess one of the following CSSP Incident Responder certifications :

CySA , CEH, or GCIH

o When 8140 requirements are implemented on program / contract, employee will need to conform to 8140 certification standards.

o Strong customer service experience as this position will require candidate to engage with senior military and government leadership.

o Ability to present ideas clearly through briefings, meetings and interaction with leadership of different skill sets.

o Ability to provide training sessions as required.

o Ability to engage with stakeholders to ensure tasks are progressing and meeting timelines.

o Ability to work under time constraints and adapt to changes in requirements and new projects.

o Ability to maintain and upgrade certifications.

o Ability to assimilate information rapidly, motivated to self-study new requirements.

o Maintain current industry knowledge of relevant concepts, practices, and procedures.

o DoD 2875 account request processes

o ACTCS training system

Salary : $105,000 - $110,000