SOC Analyst

Cyberleaf

FORT MYERS, FL


Waterleaf International, an engineering, cybersecurity and science-based defense and networking contractor, is seeking a full-time SOC Analyst. Waterleaf hires, trains and promotes the best and brightest for upward mobility and the opportunity to grow and succeed. We offer excellent benefits (Medical/Dental/PTO/Tuition) and more.

Waterleaf offers a forward-leaning culture – that means our focus and direction are on people, intellect, process and deliverables. Our people include employees, contractors, and customers, all of whom have inherent value and contribute not only to our mission of defending our country but to the communities we each live in. We support professional and individual growth and provide dynamic, fascinating, and supportive work environments. Talk to us about the ability to achieve great financial and personal gains in a thriving and vital environment.

Position Summary:

As a SOC Analyst, you will be a key member of Cyberleaf’s team, responsible for quality support and monitoring that meet customer needs for security operational continuity. This is a full-time position with limited but possible travel.

Primary Duties and Responsibilities:

  • Understand and apply analyst responsibilities for all Cyberleaf customer tiers
  • Understand the differences between Direct Customers and MSP Customers and how those differences affect analyst customer engagement
  • Exhibit the capacity to rapidly learn and apply the SOP for the main Cyberleaf analyst workspace:
    • Identify an alert
    • Using the initial alert indicators, conduct follow-on cross-correlation analysis in the Splunk SIEM or a variety of Endpoint Detection and Response (EDR) products
    • Conduct delegated remediation actions to isolate and eradicate the threat
    • Engage in bilateral communication with customers to inform, validate, and action the alert
    • Conduct additional customer-approved remediation actions if pre-approved actions fail to achieve the desired effect
  • Use company Standard Operating Procedures (SOP) and runbooks to respond within the SLA timelines
  • Communicate with Direct Customers or Managed Service Providers to explain the nature and impact of relevant alerts and to request clarification on documented activity
  • Contribute, as a technical resource, to the efforts of Direct Customers’ IT points of contact or their Managed Service Providers to remediate the alert and monitor customers’ cybersecurity needs
  • Document all actions taken to remediate a ticket in the main Cyberleaf analyst workspace
  • Contribute to runbook and SOP documentation based on discovered best practices, lessons learned, or feature/capability upgrades
  • Develop and implement Splunk queries as part of investigations into suspicious and malicious cyber activity
  • Contribute to the development and testing of new capabilities, signatures, or features as requested by the Development Team
  • Other job duties, as assigned

Education/Experience Requirements:

  • Associate of Science in Computer Science, Cybersecurity, or equivalent industry or government work experience required
  • CompTIA Network+ and Security+ certifications
  • Must have working knowledge of Splunk and Splunk ES
  • Proficiency in Microsoft Office tools
  • Understanding of and competency with industry-leading ticketing systems

Skills and Competencies:

  • Excellent interpersonal, verbal and written communication skills
  • Ability to work with a fast-moving team and balance/prioritize multiple tasks
  • Keep other team members up to date on development schedules and projects
  • Must be innovative, flexible and think creatively to overcome obstacles
  • Ability to manage equipment supplier networks, supplier and contractor relationships successfully

Organizational Framework:

  • This position reports to the VP or Director of SOC Services
  • This position has no direct reports
  • Advises, consults and coordinates with:
    • Customers (some involvement)
    • Consultants
    • Vendors

Physical Requirements/Working Environment:

  • Extended time on a computer – repetitive motion
  • Must be capable of and eligible for both domestic and international travel
  • Must be able to pass a post-offer/pre-placement drug screen and background check, and must be able to obtain a government Secret or TS clearance if required

Come grow with us!
