We are currently seeking a SOC Analyst - Cloud to join our client's Cyber Threat Fusion Center (CFTC) team in New Carrollton, MD. This is a hybrid position (on-site once a week) critical in safeguarding our client's network and assets, ensuring robust security measures and procedures are maintained. As a SOC Analyst, you will play a pivotal role in incident response, threat hunting, and security analysis within a high-stakes environment protecting substantial assets for this Federal client.
Key Responsibilities:
- Monitor security alerts and logs from various Cloud native cybersecurity tools and cloud service models (SaaS, IaaS, and PaaS) to detect and prioritize potential threats to cloud-based assets.
- Utilize a deep understanding of endpoint analysis, leveraging tools and knowledge in PowerShell, and cloud security tools (e.g., Defender, AWS Security tools) to strengthen our security posture.
- Demonstrate proficiency in writing and understanding Snort rules, with a strong capability in utilizing SIEM tools, specifically Splunk, for detailed incident analysis and resolution.
- Serve as an escalation point for security incidents, minimizing reliance on external escalation and providing comprehensive solutions.
- Engage in proactive threat hunting, leveraging network data, NetFlow records, and PCAPs for detailed analysis, and employing log analysis (Sysmon, Windows event IDs, registry permissions) to preemptively identify and neutralize threats.
Requirements:
- 4+ years of experience in Cyber Security, particularly within SOC/CIRT environments.
- Bachelor's Degree in Cybersecurity or a related field.
- Ability to obtain an IRS Public Trust clearance.
Compensation:
- Salary Range: $90,000 – $110,000 **depending on experience**
- Full Benefits: Cigna Medical, Dental, Vision, 401K, Paid Time Off (PTO), Paid Holidays, and Sick Leave where required by law.
This job opens for applications on 12/20/2024. Applications for this job will be accepted for at least 30 days from the posting date.
Keywords: Cybersecurity, Incident Response, Splunk, Splunk SPL, SPL, Packet Capture, Wireshark, Wire Shark, Network Forensics, Threat Hunting, Intrusion Detection, Log Analysis, SIEM (Security Information and Event Management), Malware Analysis, Network Traffic Analysis, Forensic Analysis, Threat Intelligence, Security Operations Center (SOC), Vulnerability Assessment, IDS/IPS (Intrusion Detection System/Intrusion Prevention System), PCAP Analysis, Network Security, Anomaly Detection, Endpoint Detection and Response (EDR), Cyber Threats, Cyber Attack, Threat Mitigation, Forensic Investigation, Digital Forensics, Security Incident, Data Breach, Advanced Persistent Threat (APT), Insider Threat, Security Policies, Compliance Management, Security Architecture, Security Operations, Incident Handling, Network Security Monitoring (NSM), Security Awareness Training, Security Risk Assessment, Threat Intelligence Platforms (TIP), Security Analytics, Insider Threat Detection, MITRE, 0365, AWS, Amazon web services, guard duty, azure, cloud, cloud environment