What are the responsibilities and job description for the Security Operations Center Analyst position at DTS?
David T. Scott & Associates, LLC (DTS) is a Service-Disabled Veteran Owned Small Business that serves public- and private-sector clients. DTS excels at helping our clients respond to daunting challenges related to program management/governance, strategic planning/organizational advancement, business process efficiency and learning enhancement. Our associates have executed strategic planning, Program Management Office, organizational effectiveness, cyber security, business process improvement, training and program support contracts. Our staff is comprised of seasoned experts with exceptional military, civilian and private sector experience.
DTS is looking for a Security Operations Center Analyst to support cyber security operations and continuous monitoring needs. They are the first to respond to and “take action” against cyber-attacks. They identify, analyze, and resolve the issues related to security. They also inform the management about cyber threats to enable the relevant stakeholders to take necessary measures to ensure the security of the sensitive information and data of the organization from bad actors and insider threats.
Ideal candidates will possess the following attributes / skills:
- Understands overall purpose of task assignment
- Excellent interpersonal skills and a client-focused demeanor
- Strong written and oral communication skills
- Strong organization skills, accustomed to working as a part of a dynamic project team with shifting work priorities
- Excellent planning, organizational, and time management skills
- Proficiency using the full suite of Microsoft tools
Responsibilities:
- Monitor network activity and the alerts/incidents created, and conduct initial incident response investigations using Security Information and Event Management (SIEM) tools
- Configure client environments with Defender Security Center, Microsoft Sentinel, Log Analytics workspace, data connectors, analytic rules, and logic apps
- Gather relevant alert/incident information and close as appropriate
- Escalate security incidents to the appropriate team or individual
- Review automated response activities for accuracy of information
- Support SOC operations reporting through creation of evidence artifacts and biweekly reports
- Lead continuous monitoring of security control efforts
- Review and deploy analytic rules and queries to client environments
- Update environment settings in response to threat intelligence and incidents observed
- Develop custom KQL queries for review
- Perform initial device remediation in relation to security incidents
- Stay current on security trends, updates to related tools, and compliance frameworks
- Test and implement security automation; assist in configuring client environments and migration of devices
Required Qualifications:
- Bachelor’s Degree in Cybersecurity, Information Security, or related field.
- Knowledge of Microsoft 365 products
- Problem Solving: Ability to approach security related problems from an analytical mindset.
- Develop multiple solutions to a problem and realize the solution is not always a readily available answer. Apply automation techniques where it makes sense.
- Decision Making: Position requires a significant amount of autonomy and decisiveness. You must be able to make informed decisions quickly, accurately, and with evidence to support your decision.
- Multitasking: Position has responsibilities across multiple independent cloud environments, each with unique needs and concerns. You must be able to switch tasks rapidly and work on multiple concurrent responsibilities.
- Communication: Excellent verbal and written communication, interpersonal, and teaching skills are required. This position interacts with clients on a regular basis and professional communication is a must. Position must be able to effectively communicate with users at all levels of technical knowledge and explain concepts in an easy-to-understand manner. Additionally, deliverables are to be professionally written and communicated in a concise manner, with a focus on the intended audience.
- Following Instructions: Ability to follow verbal and written instructions and recreate the desired results. Many processes are standard and must be able to be duplicated.
- Trends: Stay current on best practices, security trends, and attack techniques. Use knowledge gained to apply security controls and automation to the environment to detect compromise and remediate vulnerabilities.
- Management: Position has light management responsibilities. Must possess the ability to coach and train team members when necessary.
Preferred Qualifications:
- Knowledge of Salesforce Lightning tool
- Knowledge of Kusto Query Language (KQL), ability to write custom queries, and experience in the Azure, Stack and Microsoft portals such as Defender, Endpoint Manager, and Sentinel is preferred
- Microsoft certifications preferred
Why Choose DTS?
- We are a growing consulting and cybersecurity services firm with opportunities for employees to make an impact and advance their careers.
- The culture at DTS reflects our size, scope, and team. We actively promote a healthy work-life balance and host numerous opportunities for team-building and social interaction between colleagues.
- DTS offers competitive salaries with a benefits package that includes 401K matching, top-tier medical and dental coverage, and generous personal time off.
- We have an employee-centric environment, with policies that support individual development, from formal training and mentoring to stretch opportunities.
- Employees are seen, heard, and appreciated at DTS. The company has been recognized for outstanding employee satisfaction.
- DTS gives back to the community, supporting nonprofits that benefit veterans, the environment, and the local community and providing employees paid time off to volunteer with the charitable organizations they support.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics.
All DTS offers of employment are contingent upon the ability to complete and successfully adjudicate a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.
Job Details:
- Location: In-office Arlington, VA
- Compensation: $68,000-$76,000
Salary at DTS is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, and clearance level, as well as contract-specific affordability and organizational requirements and applicable employment laws. In addition, to support the ability to reward for merit-based performance, DTS typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case.