Logo
Apex Systems

Sr. SOC Analyst

Apex Systems, Alexandria, Virginia, us, 22350


Employment Type:

6-Month Contract to HireClient:

GovernmentClearance Required:

TS/SCIJob Title:

Tier 2 SOC AnalystLocation:

Alexandria, VA (Fully Onsite)HOW A CYBER SECURITY SOC ANALYST WILL MAKE AN IMPACT:Must have strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.Experience and ability to analyze information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response.Must be knowledgeable and have hands-on experience with Splunk Security Information and Event Management (SIEM) System.Monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting.Strong logical/critical thinking abilities, especially analyzing security events (windows event logs, network traffic, IDS/IPS events for malicious intent).Excellent organization and attention to details in tracking activities within various Security Operation workflows.A working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.Experience with one or more of the following technologies: Network Threat Hunting, Big Data Analytics, Endpoint Threat Detection and Response, SIEM, workflow and ticketing, and Intrusion Detection System.Provide Cyber Security/Threat Hunting expertise and deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services.Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools.Assess data from multiple sources and navigate the cyber terrain to identify suspicious behavior.Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts.Demonstrate systems experience using Security Information and Event Management (SIEM) and Incident Response analysis.Knowledge of Network Intrusion Detection System/Intrusion Prevention Systems (NIDS/IPS) as well as Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).Knowledge of Security Orchestration Automation and Response (SOAR), Endpoint and Network Detection and Response (EDR/NDR) and User Behavior Analytics (UBA).Ability to demonstrate strong analytical and problem-solving skills, and also leverage interpersonal, organizational, writing, communications, and briefing skills.WHAT YOU’LL NEED TO SUCCEED:Education: BS/BA degree or equivalent work experience and technical certs/training.Required Experience: 8+ years of related experience in Cyber Security, Security Operation Center (SOC) Analysis and Threat Hunting.Required: DoD 8570 certs: CEH cert is required but will also consider GSOC, CFR, GCIH, GCIA and/or GSEC, CSSP Analyst - required to Start (CEH, CFR, CCNA Cyber Ops, CySA+, GCIA, GCIH, GICSP, SCYBER).US Citizenship Required due to the TS/SCI clearance requirement.Required Skills and Abilities: Communication, presentation, problem solving, analytical skills, detail oriented, and knowledge of server and client operating systems.Required Technical Skills: Cyber Security SOC Analysis Tier II/III and Threat Hunting work experience. Working knowledge of Splunk Enterprise Security, Palo Alto, RSA Netwitness Full Packet Capture (PCAP) system, Cisco Firepower IPS, and Crowdstrike EDR.Security Clearance Level: Active TS/SCI required.Preferred Skills: Knowledge of current and emerging threats/threat vectors, and vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).Location: On Customer Site in Newington VA, Monday through Friday, 1st shift only. No weekends or nights.EEO EmployerApex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package.

#J-18808-Ljbffr