Job ID: 2406413

Location: ATLANTA, GA, US

Date Posted: 2024-05-06

Category: Cyber

Subcategory: Cybersecurity Ops

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: No

Description

SAIC is seeking a SOC Analyst in Atlanta, GA. This is support the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.

SOC Activities:

• Collect, analyze, and correlate security events and use discovered data to enable recommendation of mitigation of potential incidents within the enterprise as defined by Computer Security Incident Response Center (CSIRC) methodology.
• Identify events that pose a threat to the confidentiality, availability and integrity of information or systems that may be indicative of a violation of federal law or HHS Policy.
• Perform incident triage to include determining accuracy, scope, urgency, and impact.
• Provide incident coordination and updates to the OpDiv Incident Response Teams (IRTs) and HHS through prescribed CSIRC methodology.
• Notify CSIRC management and other HHS IRT members of suspected incidents and articulate the event’s history, status and potential impact.
• Perform agency-wide event and incident tracking using ticket management system.
• Track and report on-going cyber security incidents to the primary incident handler.
• Respond to verified incidents utilizing a wide array of tools to mitigate active threats.

NOC Activities:

• Accurately monitor multiple wide area networks (WAN), local voice and data networks for circuit utilization and errors, network node availability, network device health, and system alarms.

• For network alarms, events, and outages; perform first level troubleshooting, triage, escalation, event management, and ticket documentation.

• Coordinate with contractors and various teams within the Departments to assist with service restoration based on alarm conditions.

• Work with the CSIRC and other OpDiv teams to investigate anomalies observed within the network and to remediate network and systems outages.

• Make required outage and degradation notifications to stakeholders at intervals commemorate with problem severity

• Participate in available technical and personal development opportunities.

Qualifications

• Required Education and Experience: Bachelor’s degree in Computer Science, Information Systems, Engineering or related field and 2 years of experience or 4 years of experience in lieu of a degree. Must have the adequate knowledge and skills to learn and perform the described job.
• Must have at least 2 years of hands on IT SOC / Cybersecurity experience. would prefer 3 years of experience.

• Certification Requirement: Industry standard cybersecurity certification, e.g. Security or similar is highly preferred.

• Clearance Requirement: Ability to obtain and maintain a Public Trust clearance.