AMERICAN SYSTEMS

SOC Analyst II

AMERICAN SYSTEMS$81K — $91K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship required due to the sensitive nature of the position.
  • Active DOW Top Secret Clearance is mandatory.
  • Minimum of three years' experience in incident detection response, malware analysis, or cyber forensics with a relevant bachelor's degree.
  • One certification from the DoW 8570.01-M and DoW Directive 8140.01 required (IAT Level II or higher).
  • At least one additional certification, such as CompTIA CASP+, GIAC GCIH, or Microsoft security certifications, is required.
  • Practical experience with security methodologies and the ability to implement security solutions are necessary.
  • Knowledge of networking concepts and protocols, cyber threats, and incident response methodologies is essential.

Responsibilities

  • Provide tier II cybersecurity support in a SOC environment.
  • Conduct vulnerability assessments and analyze cyber threats.
  • Monitor email gateways and document incidents in the ticketing system.
  • Lead incident response from alert to resolution, including threat intelligence utilization.
  • Manage and configure security monitoring tools to mitigate threats.
  • Train SOC Analyst I team members and support their development.
  • Design incident response processes for cloud service models.

Benefits

  • Comprehensive healthcare benefits for employees and their dependents.
  • Paid leave and retirement plans available.
  • Insurance programs offered as part of the benefits package.
  • Education and training assistance to support professional development.
Full Job Description
Overview

Now Hiring at AMERICAN SYSTEMS

 

Responsibilities

An Average Day:As the SOC Analyst II, you will provide tier II cybersecurity support in a Security Operations Center “SOC” environment. Daily responsibilities of the SOC are ever changing, however, you can expect to regularly conduct vulnerability assessments, analyze cyber threats, monitor the email gateway and create reports on all confirmed or suspicious activities. You will work closely with the Tier I and other Tier II personnel to effectively and efficiently provide optimum service to our customers as well as assist with training SOC Analyst I team members when needed. Additionally, in this position you will:

  • Use intrusion detection technologies to apply techniques for identifying host and network-based intrusions.
  • Create, update, and resolve incident tickets that have been tasked to Tier II and appropriately document all alerts and incidents in the ticketing system.
  • Review asset discovery and vulnerability assessment data.
  • Lead incidents from alert to resolution:
    • Leverage emerging threat intelligence (Indicators of Compromise, updated rules, etc.) to identify affected systems and the scope of the attack.
    • Review and collect asset data (logs, configurations, running processes, ) on these systems for further investigation.
    • Determine and direct remediation and recovery efforts including tasking of IHT1 as needed.
    • Determine and request engineering, forensics, or threat intelligencesupport.
    • Inform and brief status of incidents to CSOC manager, CISO, DCIO, or CIO.
  • May manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats / vulnerabilities.
  • Interface and take guidance from the CSOC manager (government position).
  • Review trouble tickets generated by Tier 1.
  • Review threat intel and create notifications and share with specified personnel.
  • Handle other tasks that tier II level of experience and talent can complete.
  • Design incident response for cloud service models.
  • Perform damage assessments.
  • Preserve evidence integrity according to standard operating procedures or national standards.
  • Protect networks against (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • Recognize and categorize types of vulnerabilities and associated attacks.
  • Secure network communications.
  • Use security event correlation Tools.
  • Identify, capture, contain, and report malware.
  • Utilize the SOC standard operating procedures (SOP) to perform daily tasks, resolve incidents and preserve evidence integrity. May provide input for and assist with updating procedures.
Qualifications
  • As a requirement of this position, all candidates must be a U.S. Citizen in accordance with 8 U.S.C. 1324b(a)(2)(C).
  • Must hold an active DOW Top Secret Clearance.
  • At least three (3) years of professional experience in incident detection and response, malware analysis, or cyber forensics and a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
  • Hold at least one certification as required by Dept. of War (DoW) 8570.01-M and DoW Directive 8140.01, IAT Level II or higher. 
  • Must hold at least one of the following additional certifications: CompTIA CASP+, GIAC GCIH, Microsoft AZ-500, Microsoft SC-200, Splunk Core Certified Advanced Power User
  • Must have extensive experience working with various security methodologies, standard operating procedures, processes, and workflows. Experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.
  • Experience with some or all of the following is required:
    • Computer networking concepts, OSI model, and network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services, and network security
    • Host/network access control mechanisms (e.g., access control list, capabilities lists).
    • network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
    • Network traffic analysis methods and packet-level
    • Cyber threats and vulnerabilities; cyber-attack stages, classes of attacks and attackers; cyber defense and information security policies, procedures, and
    • Incident response and handling methodologies, incident categories, and timelines for
    • Intrusion detection methodologies and techniques for detecting host and network-based intrusions.
    • Malware analysis concepts and
    • cloud service models and how those models can limit incident
    • Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
    • System administration, network, and operating system hardening techniques as well as data backup and
    • System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Experience with the following: JIRA (Atlassian issue tracking system), Palo Alto Firewall, SNORT IDS, AlienVault SIEM, Barracuda Mail Spam / Virus Firewall, and HBSS.
  • This team operates in a 24/7 shift environment. 1st, 2nd and 3rd shifts run Monday – Thursday or Friday – Monday, are 10 hours per day and rotate every 3 months.
Pay Transparency StatementAMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $39.00/Hr. - USD $44/Hr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.

About AMERICAN SYSTEMS

AMERICAN SYSTEMS is a government IT solutions provider. The Company provides solutions in national security, healthcare, and public sector markets. Its services include acquisition and lifecycle support, enterprise IT, healthcare IT, intelligence analysis, and training and simulation. The Company's customers include the Department of Defense, Department of State, Department of Justice, and Department of Homeland Security. AMERICAN SYSTEMS was founded in 1975 and is headquartered in Chantilly, Virginia.
Learn more about AMERICAN SYSTEMS
Size
1,500 employees
Industry
Founded
1975

Similar Jobs

More Jobs at AMERICAN SYSTEMS

More Information Technology Jobs

Find similar SOC Analyst II jobs: