Demo - Maximus

Security Operations Center (SOC) Analyst - TS/SCI

Demo - Maximus, Arlington, Virginia, United States, 22201


Job Summary

Maximus is looking for a SOC Analyst with a TS/SCI to join a team in Arlington, VA.

Who We Seek:
• Passion Seekers. You genuinely care about the work that you do and its impact on society.
• Self-Starters. You’re a go-getter who isn’t afraid to step up and disrupt the status quo.
• Entrepreneurs. You bring fresh ideas to the table, work hard, develop business, and consistently seek new challenges.
• Collaborators. You’re a great contributor to a high performing team that accomplishes great feats for our clients.

What You Will Do:
• Improve the cybersecurity posture by identifying, verifying, and understanding cyber events in order to respond effectively, recommend mitigation strategies, and deliver timely products that address and incorporate stakeholder needs.
• Track incident notifications and identify trends and activities to prevent, respond, and recover.
• Conduct incident management, triage, investigation, and analysis, including incident logging, tracking, and reporting.
• Conduct problem resolution and provide subject matter expertise in security investigations best practices
• Collect, analyze, and correlate security events and use discovered data to enable recommendation of mitigation of potential incidents
• Identify events that pose a threat to the confidentiality, availability and integrity of information or systems
• Provide quality assurance accuracy, consistency, and reliability to security event data in tickets and reports
• Perform incident triage to include determining accuracy, scope, urgency, and impact
• Provide incident coordination and updates to Incident Response Teams (IRTs)
• Notify management of suspected incidents and articulate the event’s history, status, and potential impact
• Track and report on-going cyber security incidents to the primary incident handler
• Provide event and incident operational and executive reporting
• Respond to verified incidents utilizing a wide array of tools to mitigate active threats
• Provide updates to Standard Operating Procedures (SOP) and incident response playbooks

Required Skills:
• Years of Experience: 4 Years
• Minimum Education Required: Bachelor's Degree
• Must Have Active TS/SCI Clearance in JPAS
• Due to federal client requirements, only US Citizens can be considered
• 2+ years of experience responding to audits
• Understand concepts of NIST 800 series, CNSSI 1253, NISPOM Chapter 8, and related publications
• Familiarity with the Risk Management Framework (RMF) process
• Ability to implement and monitor technical, administrative, and operational security controls
• Ability to prioritize competing demands and complete tasks on schedule
• Working knowledge of using scanning tools and interpreting results
• Working knowledge of Enterprise vulnerability scanning concepts and/or industry standard software offerings
• Working knowledge of Enterprise Endpoint Security concepts and/or industry standard software offerings

Desired Skills:
• Possess IAM Level II certification in accordance with DoD 8570.01M, such as Security+ CE
• Competent written and oral communication skills
• Working knowledge of cloud environment concepts
• Knowledge and/or understanding of Security incident management
• Familiarity with Enterprise Security analytics concepts and/or industry standard software offerings, e.g., Splunk
• Familiarity with Scrum Agile concepts and/or industry standard software offerings, e.g., Atlassian JIRA
• 2-4 years of experience in a Cybersecurity role within the Information Assurance (IA) or Information Technology industry
• 1-2 years of Federal Government experience
• Ability to coordinate disparate pieces of information into a cohesive response
• Demonstrated ability to build trusted advisor relationships with clients

Education and Experience Requirements

Required Skills:

- At least three years of experience in working as a network security analyst in a security operations center and/or in handling, responding to, and managing computer security incidents.
- Must have the ability and prior experience with analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes the identification of malicious code present within a computer system as well as identification of malicious activities present within a computer system and/or enterprise network.
- Must possess excellent verbal and written communications skills and the ability to produce clear and thorough security incident reports and briefings.
- Must possess excellent organizational skills and attention to detail.
- Must possess a working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also required.
- Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
- Must have experience working with various event logging systems and must be proficient in the review of security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting is also required.
- Must have proficiency in utilizing various packet capture (PCAP) applications/engines and in the analysis of PCAP data.
- Must have experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.
- Must possess Python and/or PowerShell scripting abilities.
- Must have proficiency in SIEM and IDS creation.
- Must possess ability to mentor and train junior and mid-level analysts.

Desired Skills:

- Demonstrated ability to build trusted advisor relationships with clients
- Experience supporting sales and business development
- Experience with financial management

Years of Experience:

3+ years

MAXIMUS Introduction

Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit https://www.maximus.com.

As a large employer and Federal contractor, Maximus is subject to various vaccine mandates across our lines of business. Maximus is committed to complying with any applicable vaccine mandates. The specific vaccine requirements for this position will be outlined throughout the selection process. Individuals who believe they may qualify for a medical or religious accommodation will have the opportunity to apply for an accommodation following an offer of employment.

EEO Statement: Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.