SOC Analyst II

AMERICAN SYSTEMS

Monterey, California

JOB DETAILS
SALARY
$39–$44 Per Hour
JOB TYPE
Full-time
SKILLS
(XSS) Cross Site Scripting, Access Control, Analysis Skills, Applications Security, Atlassian JIRA, Barracuda, Cloud Computing, CompTIA - Computing Technology Industry Association, Computer Networks, Computer Science, Computer Security, Customer Support/Service, DNS (Domain Name System), Data Collection, Database Backup, Event Correlation, Firewalls, Forensic Science, GCIH - GIAC Certified Incident Handler, GIAC - Global Information Assurance Certification, Government, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Injections, Internet Security, Intrusion Detection Systems, Malware, Malware Analysis, Microsoft Product Family, Network Access Control (NAC), Network Protocols, Network Security, Network Traffic Analysis, Open Systems Interconnection (OSI), Operating Systems, Operations Processes, Oracle PL-SQL, Reporting Skills, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Monitoring, Snort, Spam Filtering, Splunk, Standard Operating Procedures (SOP), Systems Administration/Management, TCP/IP (Transmission Control Protocol/Internet Protocol), Team Player, Top Secret Clearance, Trend Analysis, Trouble Tickets, United States Citizen, Viruses
LOCATION
Monterey, California
POSTED
5 days ago
Overview:

Now Hiring at AMERICAN SYSTEMS

 

Epsilon, Inc. has joined AMERICAN SYSTEMS! As one organization, we offer expanded resources, streamlined operations, and increased opportunities for growth and development. 

 

Join us to be part of a dynamic, collaborative environment dedicated to innovation and customer success. 

Responsibilities:

An Average Day:
As the SOC Analyst II, you will provide tier II cybersecurity support in a Security Operations Center “SOC” environment. Daily responsibilities of the SOC are ever changing, however, you can expect to regularly conduct vulnerability assessments, analyze cyber threats, monitor the email gateway and create reports on all confirmed or suspicious activities. You will work closely with the Tier I and other Tier II personnel to effectively and efficiently provide optimum service to our customers as well as assist with training SOC Analyst I team members when needed. Additionally, in this position you will:

  • Use intrusion detection technologies to apply techniques for identifying host and network-based intrusions.
  • Create, update, and resolve incident tickets that have been tasked to Tier II and appropriately document all alerts and incidents in the ticketing system.
  • Review asset discovery and vulnerability assessment data.
  • Lead incidents from alert to resolution:
    • Leverage emerging threat intelligence (Indicators of Compromise, updated rules, etc.) to identify affected systems and the scope of the attack.
    • Review and collect asset data (logs, configurations, running processes, ) on these systems for further investigation.
    • Determine and direct remediation and recovery efforts including tasking of IHT1 as needed.
    • Determine and request engineering, forensics, or threat intelligencesupport.
    • Inform and brief status of incidents to CSOC manager, CISO, DCIO, or CIO.
  • May manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats / vulnerabilities.
  • Interface and take guidance from the CSOC manager (government position).
  • Review trouble tickets generated by Tier 1.
  • Review threat intel and create notifications and share with specified personnel.
  • Handle other tasks that tier II level of experience and talent can complete.
  • Design incident response for cloud service models.
  • Perform damage assessments.
  • Preserve evidence integrity according to standard operating procedures or national standards.
  • Protect networks against (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • Recognize and categorize types of vulnerabilities and associated attacks.
  • Secure network communications.
  • Use security event correlation Tools.
  • Identify, capture, contain, and report malware.
  • Utilize the SOC standard operating procedures (SOP) to perform daily tasks, resolve incidents and preserve evidence integrity. May provide input for and assist with updating procedures.
Qualifications:
  • As a requirement of this position, all candidates must be a U.S. Citizen in accordance with 8 U.S.C. 1324b(a)(2)(C).
  • Must hold an active DOW Top Secret Clearance.
  • At least three (3) years of professional experience in incident detection and response, malware analysis, or cyber forensics and a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
  • Hold at least one certification as required by Dept. of War (DoW) 8570.01-M and DoW Directive 8140.01, IAT Level II or higher. 
  • Must hold at least one of the following additional certifications: CompTIA CASP+, GIAC GCIH, Microsoft AZ-500, Microsoft SC-200, Splunk Core Certified Advanced Power User
  • Must have extensive experience working with various security methodologies, standard operating procedures, processes, and workflows. Experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
  • Experience with some or all of the following is required:
    • Computer networking concepts, OSI model, and network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services, and network security
    • Host/network access control mechanisms (e.g., access control list, capabilities lists).
    • network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
    • Network traffic analysis methods and packet-level
    • Cyber threats and vulnerabilities; cyber-attack stages, classes of attacks and attackers; cyber defense and information security policies, procedures, and
    • Incident response and handling methodologies, incident categories, and timelines for
    • Intrusion detection methodologies and techniques for detecting host and network-based intrusions.
    • Malware analysis concepts and
    • cloud service models and how those models can limit incident
    • Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
    • System administration, network, and operating system hardening techniques as well as data backup and
    • System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Experience with the following: JIRA (Atlassian issue tracking system), Palo Alto Firewall, SNORT IDS, AlienVault SIEM, Barracuda Mail Spam / Virus Firewall, and HBSS.
  • This team operates in a 24/7 shift environment. 1st, 2nd and 3rd shifts run Monday – Thursday or Friday – Monday, are 10 hours per day and rotate every 3 months.
Pay Transparency Statement: AMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $39.00/Hr. - USD $44/Hr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance. EEO Statement: EEO Race/Sex/Disability Status/Veteran Status

About the Company

A

AMERICAN SYSTEMS

Founded in 1975, AMERICAN SYSTEMS is one of the largest employee-owned companies in the United States, with approximately 1,400 employees nationwide. Based in the Washington, DC, suburb of Chantilly, VA, the company provides systems engineering, technical and managed services to government and private sector customers. AMERICAN SYSTEMS was named “Contractor of the Year” at the Greater Washington Government Contractor Awards in October, 2007.

COMPANY SIZE
1,000 to 1,499 employees
INDUSTRY
Internet Services
FOUNDED
1975