Scout Solutions Inc Defunct

Tier II SOC Analyst

Scout Solutions Inc Defunct, Pasco, Washington, us, 99302


Tier II SOC Analyst Washington D.C. / Hybrid

Job Overview

We are currently seeking a Tier II Cybersecurity Analyst to provide support to our client in Washington D.C.

Clearance Required: Candidate must be able to receive a Public Trust 6c Clearance.

Responsibilities and Duties

• Provide Tier 2 support by analyzing network traffic and various log data to determine the threat/impact against the network, recommending appropriate countermeasures, and facilitating the tracking, handling, and reporting of all security events and computer incidents.
• Remediate and apply lessons learned to security incident investigation and resolution.
• Perform monitoring, identification and resolution of security events to detect threats through analysis, investigation and prioritization of events based on risk/exposure.
• Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases.
• Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center.
• Create custom tool content to enhance capabilities of security operations teams.
• Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure.
• Perform Security Incident Management aligned with NIST standards.
• Technical writing experience:
  • Standard Operating Procedures
  • Concept of Operations (CONOPS)
  • Incident Response Plans
  • Training Exercises
  • Tool configurations and content creation

Qualifications

• 1-3 years of experience on one of the following teams: Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
• Bachelor's degree in Computer Science, Information Technology or a related technical field. Additional years of experience can be substituted for a degree.
• Experience with Security Information and Event Management (SIEM) systems, anti-virus, intrusion detection systems, firewalls, Active Directory, and large enterprise or cloud environments.
• Experience with incident response, analysis of network traffic, log analysis, the ability to prioritize and differentiate between potential intrusion attempts and false alarms, and managing and tracking investigations to resolution.
• Good interpersonal skills to interact with customers, team members and support personnel.
• Strong analytical and problem-solving skills for investigating security issues.
• Familiarity with one of the following: NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK).
• At least one active security certification.
• Experience with one or more of the following tools:
  • Azure Advanced Threat Analytics
  • Azure Log Analytics
  • Windows Defender Security
  • McAfee ePO, HIPS
  • FireEye NX, EX/ETP, HX, AX

Desired Qualifications

• Programming and/or scripting language experience; ideally PowerShell
• Search query language experience and content creation; ideally Kusto
• Project management experience to help build tiger teams for special projects
• MS Office, Visio, PowerBI proficiency