ShorePoint Inc.

SOC Level 2 Analyst (Q Clearance)

ShorePoint Inc.$75K — $95K *
Las Vegas, NV 89110In-Person
Information Technology
Less than 5 years of experience
1 month ago
Job Overview by Ladders

Qualifications

  • Bachelor's degree required.
  • 2+ years experience in a SOC or equivalent security operations environment, including 1+ year with security technologies.
  • Familiarity with SIEM, IDS/IPS, EDR, and WAF technologies.
  • One or more relevant security certifications (CISSP, GCIA, GMON, CEH).
  • Ability to analyze complex requirements and translate them into actionable tasks.

Responsibilities

  • Monitor potential security incidents through various client channels.
  • Perform triage of incidents based on client-specific procedures.
  • Escalate incidents and recommend operational improvements.
  • Maintain accurate notes in the case management system.
  • Provide advanced analysis and assess escalated outputs from Level 1 Analysts.
  • Document and devise new procedures and incident response plans.
  • Collaborate with Cyber Hunting team for advanced investigations.

Benefits

  • Opportunity to shape the culture of a fast-growing company in cybersecurity.
  • Engagement in continuous improvements of service and operational processes.
  • Access to advanced security technologies and methodologies.
  • Possibility for professional development and advancement within the organization.
Full Job Description
Who we're looking for:

We are seeking a SOC Level 2 Analyst for a potential opportunity to provide advanced monitoring, triage and response within a 24/7 Security Operations Center (SOC) environment. This role plays a key part in identifying and investigating security incidents, advising on mitigation and improving monitoring content and procedures. The SOC Level 2 Analyst will have hands-on experience with security technologies and be ready to contribute to threat detection, content development and continuous service improvement in a fast-paced operational setting. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market. Employment for this position is dependent on the successful award of the contract.

What you'll be doing:

  • Monitor client sources of potential security incidents, health alerts with monitored solutions and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, helpdesk or other ticketing systems, telephone calls and chat sessions.
  • Follow client and incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.
  • Escalate potential security incidents to client personnel, implement countermeasures in response to others and recommend operational improvements.
  • Keep accurate incident notes in the case management system.
  • Maintain awareness of the client's technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence and recent security incidents.
  • Provide advanced analysis of the results of the monitoring solutions, assess escalated outputs and alerts from Level 1 Analysts.
  • Perform web hunting for new patterns/activities.
  • Advise on content development and testing.
  • Provide advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
  • Ensure that all identified events are promptly validated and thoroughly investigated.
  • Provide end-to-end event analysis, incident detection and manage escalations using documented procedures.
  • Devise and document new procedures and runbooks/playbooks as directed.
  • Maintain monthly Service Level Agreements (SLAs).
  • Maintain compliance with processes, runbooks, templates and procedures-based experience and best practices.
  • Assist the Cyber Hunting team with advanced investigations as needed.
  • Provide malware analysis (executables, scripts, documents) to determine indicators of compromise and create signatures for future detection of similar samples.
  • Continuously improve the service by identifying and correcting issues or gaps in knowledge (analysis procedures, plays, client network models), false positive tuning, identifying and recommending new or updated tools, content, countermeasures, scripts, plug-ins, etc.
  • Perform peer reviews and consultations with Level 1 Analysts regarding potential security incidents.
  • Serve as a subject matter expert in at least one security-related area (e.g., specific malware solution, Python programming, etc.).
  • Provide shift status and metric reporting as well as support weekly operations calls.


What you need to know:

  • Strong understanding of SOC operations, incident response workflows and monitoring tools.
  • Experience with malware behavior analysis and identification of indicators of compromise.
  • Familiarity with APT tactics, techniques and procedures.
  • Knowledge of security technologies such as SIEM, EDR, IDS/IPS and WAF.
  • Understanding of networking fundamentals, protocols (TCP/IP, DNS, HTTP) and infrastructure devices.
  • Awareness of security architecture principles and common defensive tools.


Must have's:

  • Bachelor's degree.
  • 2+ years of working in a SOC or similar security operations environment, including 1+ years of experience in security technologies such as:
    • Security Information and Event Management (SIEM).
    • IDS/IPS, DLP, Endpoint Detection and Response (EDR).
    • Web Application Firewall (WAF), anti-virus and sandboxing solutions.
    • Host- and network-based firewalls, threat intelligence platforms or penetration testing tools.
  • One or more of the following certifications:
    • (ISC)2 Certified Information Security Professional (CISSP)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Continuous Monitoring (GMON)
    • Certified Ethical Hacker (CEH) or equivalent.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Must have the ability to work shifts on a rotating basis for 24/7 support of clients.
  • Travel up to 15%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Applicants must currently hold and maintain an active DOE Q or equivalent DoD Top Secret clearance.


Beneficial to have:

  • A strong desire to understand the what as well as the why and the how of security incidents.
  • Knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures.
  • Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
  • Understanding of common network infrastructure devices such as routers and switches.
  • Understanding of basic networking protocols such as TCP/IP, DNS, HTTP.
  • Basic knowledge in system security architecture and security solutions.


Where it's done:

  • Onsite (Las Vegas, NV).

About ShorePoint Inc.

ShorePoint Inc. is a cybersecurity and IT consulting firm that provides services to the federal government and commercial clients. The company's services include cybersecurity, cloud computing, data analytics, and software development. ShorePoint was founded in 2015 and is headquartered in Reston, Virginia. The company has additional offices in Washington, D.C. and Colorado Springs, Colorado.
Learn more about ShorePoint Inc.
Size
300 employees
Industry
Information Technology
Founded
2015
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at ShorePoint Inc.

More Information Technology Jobs

Find similar SOC Level 2 Analyst (Q Clearance) jobs:

NationwideLas Vegas, NV