Role: SOC Analyst
Location: Bethesda, MD
Hey there,
We’re back to square one with the SOC Analyst role. What we’ve learned is AFS is looking for strong, in-depth experience with Splunk, IR and vulnerability management. The other key is finding someone that has experience with administrating EDR technologies, which is a key piece for this role. Can you please screen any future candidate for experience with administrating, modifying, and implementing EDR policies and deploying EDR agents across enterprise-level environments? Thanks for your help!
New Job Description:
is seeking a Security Operations Center Analyst to join our team on a long-term contract with a federal government. It’s a hybrid/remote role - interested candidates must be local to DC/Maryland/Virginia and able to work at the client facility in Bethesda, MD every Monday (required). The rest of the work schedule or location is remote. Must be a US Citizen and able to pass a standard background check. Start date is ASAP. Project length is 12 months+.
Key responsibilities and skills:
1. Strong, in-depth experience with Splunk, IR and vulnerability management.
2. Experience with administrating EDR technologies - experience with administrating, modifying, and implementing EDR policies and deploying EDR agents across enterprise-level environments.
3. Monitor and analyze security threats and vulnerabilities and implement appropriate countermeasures.
4. Ensure compliance with regulatory directives, including various NIST security controls and monitoring and reporting requirements.
5. Manage incident response efforts and assist in investigations into security breaches.
6. Communicate and report to stakeholders on security-related documents and status updates.
7. Assist in the development, implementation and oversight of SOC standard operating procedures used to guide daily activities of the operations center.
8. Utilize various security tools like Tenable Security Center, Splunk, MS Defender, SIEM, Symantec DLP, Netsparker, Penetration Testing, ServiceNow, Web Application Security, Data Loss Prevention, Incident Response, Forensics, Security Tool Evaluation, Endpoint Protection (Cylance), and Darktrace.
9. Assist in managing risk and security threats to Operational Technology (OT) and Industrial Control Systems (ICS).
10. Client is moving towards utilizing Smartsheet and Scrum to manage their tasks, so familiarity with these would also be a plus.
11. Experience with Operational Technology and Industrial Control System security is a plus but not required.
Qualifications:
1. At least five years of experience within the Cyber Security industry, with experience in security event monitoring and incident response services within an enterprise network security environment.
2. Bachelor’s or Master’s degree in information technology or related disciplines; or have equivalent and direct experience with the management, operation, and direction of a network and/or security operations center.
3. CISSP, CISM, CySA+, or GCIH certifications are desired.
4. Strong understanding of log analysis and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryption standards.
5. Strong understanding of the various industry standard cyber security disciplines and generally accepted practices governing the present-day cyber security industry.
6. Strong understanding of regulatory compliance directives to include various NIST security controls and monitoring and reporting requirements.
7. Experience with managing and ensuring the timely response and investigations of security events and incidents within a security operations center.
Job Type: Contract
Pay: $62,443.77 - $65,201.10 per hour
Benefits:
- 401(k)
- Dental insurance
- Health insurance
Experience:
- SOC: 10 years (Required)
- Cybersecurity: 10 years (Required)
- Vulnerability management: 10 years (Required)
- Splunk: 10 years (Required)
Ability to Commute:
- Bethesda, MD 20814 (Required)
Ability to Relocate:
- Bethesda, MD 20814: Relocate before starting work (Required)
Work Location: In person