Full Time | IT Outsourcing & Consulting | Posted 1 month ago
Gridiron IT Solutions is Hiring a Sr SOC Analyst with Security Clearance - Now Hiring Near Arlington, VA
GridIron IT is seeking a Sr SOC Analyst with an active Secret clearance in Arlington, VA. Work is currently hybrid (2x per week onsite).

Responsibilities:
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Assess network topology and device configurations, identify critical security concerns and provide security best-practice recommendations
- Collect network intrusion artifacts (e.g., PCAP, domains, URIs, certificates) and use the discovered data to enable mitigation of potential incidents
- Collect network device integrity data and analyze it for signs of tampering or compromise
- Analyze identified malicious network and system log activity to determine the weaknesses exploited, the exploitation methods, and the effects on the system and its information
- Track and document on-site incident response activities and provide updates to leadership through executive summaries and in-depth technical reports
- Plan, coordinate and direct the inventory, examination and comprehensive technical analysis of computer-related evidence
- Serve as technical forensics liaison to stakeholders and explain investigation details

Required Education:
- 8 years of experience and a BS in Computer Science, Cybersecurity, Computer Engineering or a related degree; or a HS diploma and 10 years of host, digital or network forensics experience

Desired Certifications:
- GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA

Required Skills:
- Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability
- 8 years of directly relevant experience in cyber forensic and network investigations using leading-edge technologies and industry-standard forensic tools
- Experience reconstructing a malicious attack or activity
- Ability to characterize and analyze network traffic, identify anomalous activity and potential threats, and analyze anomalies in network traffic using metadata
- Ability to create forensically sound duplicates of evidence (forensic images)
- Ability to write cyber investigative reports documenting forensic findings
- In-depth knowledge and experience of:
  • identifying different classes and characterizations of attacks and attack stages
  • CND policies, procedures and regulations
  • proactive analysis of systems and networks, including establishing trust levels of critical resources
  • system and application security threats and vulnerabilities
  • network topologies, Wi-Fi networking, and TCP/IP protocols
  • Splunk (or other SIEMs)
  • vulnerability scanning, assessment and monitoring tools such as Security Center, Nessus, and Endgame
  • MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)
- Must be able to work collaboratively across physical locations.