SOC Intrusion Analyst opportunity in Fairmont, WV or Boulder, CO
ACTIVE Top Secret security clearance required
Our client is looking for a new Cyber Analyst to join their Security Operations Center (SOC) in Fairmont, WV or Boulder, CO in support of our customer, NOAA. The NOAA SOC comprises of 20 analysts performing 24/7 operations.
Primary Responsibilities
Perform against established operational rhythm, expectations and standards for Security Operations Center (SOC) analysts
Part of the 24x7 operations of the NOAA SOC, supporting shift coverage
Perform incident handling responsibilities with direct interface to customers and management team
Perform analysis on anomalous behavior based on log data from firewalls, packet capture, web proxy services, network flow analysis, intrusion detection, and malware analysis tools
Operate autonomously to further investigate and escalate in accordance with protocols and contractual SLAs
Identify areas of improvement for SOC processes and tools to enhance the mission
Provide teaching / mentoring junior analysts
Required Qualifications
Requires BS degree and 4+ years of prior relevant experience in order to operate within the scope contemplated by the level; experience in lieu of degree may be acceptable, or 4 years experience in lieu of degree
Prior experience performing as a SOC analyst
Working knowledge of SIEM solutions and incident management solutions
Technical understanding of core cybersecurity technologies as well as emerging capabilities.
Strong analytical and troubleshooting skills
CEH, GCIH, or relevant IT technology certification
ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
GCIH (GIAC Certified Incident Handler)
GISF (GIAC Information Security Fundamentals)
CISSP (ISC2 Certified Information System Security Professional)
Additional certifications at an equivalent may also be considered.
Preferred Qualifications
Hands-on cybersecurity experience.
Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vector, and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.
Familiarity with the NOAA mission.
Seniority level
Entry level
Employment type
Contract
Job function
Information Technology
Industries
Staffing and Recruiting
Referrals increase your chances of interviewing at Equiliem by 2x