SOC Analyst

Washington, AR - USA

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

ClearFocusTechnologiesa HUBZone certified company is located inLeesburg specialize in cybersecurity and support multiple government and commercial clientsfora variety our clients integrity and employees and believe a single person can make a difference!

We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their provide an excellent benefit package which includesmedical dental vision paid time off401(k)paid professionaldevelopment reimbursementand more!

We are seeking SOC Analyst for multiple opportunities that are 100% onsite in Washington DC.

100% Onsite w/situation telework
Must be willing to work 12-hour shifts
Sun-Tues and every other Wed
Thur-Sat and every other Wed
Day Shift: 7am-7pm
Night Shift: 7pm-7am

You will be required to take an in-person hands-on keyboard interview assessment to be considered

MUST be proficient in the following areas:

Must be a self-starter and display the ability to research and find the answer On your own
Must know how to read write and comprehend at the intermediate level
Must have and understand and applied knowledge of the full Triage process to determine if an event is a true positive or false positives.
Must be able to hypothesize during an event to determine an outcome.
Must have basic - intermediate understanding of various cyber-attacks (new and old) across various platforms and environments including Active Directory Windows Linux. Cloud is a plus.
Must know how to perform basic-intermediate Splunk searches in Splunk Enterprise Security to obtain various information as needed and/or requested by senior leadership
Must know how to perform basic-intermediate threat hunting in Splunk for various cyber-attacks including but not limited to: User Behavior Analysis Privileged User activity Advanced Persistent Threat (APT) activity and other adhoc searches as needed and/or requested
Must be able to identify root-cause using various native and security tools (Splunk Enterprise Security Trellix ACAS SolarWinds)
Must be able to read and comprehend various log types.
Must be able to correlate logs to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security Trellix ACAS SolarWinds)
Must have basic - intermediate understanding and applied knowledge of networking fundamentals to include but not limited to: most common ports and protocols what they are and how they work)
Must have a basic - intermediate understanding and applied knowledge of command line tools to obtain information needed for triage analysis including but not limited to: windows command line Linux command line PowerShell etc.
Help desk and system administrators with ticket handling Active Directory and command line experience are encouraged to apply.

Education Requirements
A bachelors or higher degree is highly preferred and a DOD IAT II certification

Clearance Requirements
Active Top-Secret with SCI/Q eligibility

Required Experience:

Must be a self-starter and display the ability to research and find the answer On your own
Must know how to read write and comprehend at the intermediate level
Must have and understand and applied knowledge of the full Triage process to determine if an event is a true positive or false positives.
Must be able to hypothesize during an event to determine an outcome.
Must have basic - intermediate understanding of various cyber-attacks (new and old) across various platforms and environments including Active Directory Windows Linux. Cloud is a plus.
Must know how to perform basic-intermediate Splunk searches in Splunk Enterprise Security to obtain various information as needed and/or requested by senior leadership
Must know how to perform basic-intermediate threat hunting in Splunk for various cyber-attacks including but not limited to: User Behavior Analysis Privileged User activity Advanced Persistent Threat (APT) activity and other adhoc searches as needed and/or requested
Must be able to identify root-cause using various native and security tools (Splunk Enterprise Security Trellix ACAS SolarWinds)
Must be able to read and comprehend various log types.
Must be able to correlate logs to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security Trellix ACAS SolarWinds)
Must have basic - intermediate understanding and applied knowledge of networking fundamentals to include but not limited to: most common ports and protocols what they are and how they work)
Must have a basic - intermediate understanding and applied knowledge of command line tools to obtain information needed for triage analysis including but not limited to: windows command line Linux command line PowerShell etc.
Help desk and system administrators with ticket handling Active Directory and command line experience are encouraged to apply.

Education Requirements
A bachelors or higher degree is highly preferred and a DOD IAT II certification

Clearance Requirements
Active Top-Secret with SCI/Q eligibility

Required Experience: