Description
Looking for an exciting opportunity to make an impact as a Security Operation Center Analyst?
1901 Group (A Leidos Company) has an exciting SOC Analyst position located in Woodlawn MD with opportunities to work a hybrid schedule at home as well as the office.
POSITION SUMMARY:
Our new Security Operations Center Analyst will work with an elite team of IT professionals to maintain an optimal environment for critical systems. We are looking to hire a SOC Analyst to provide a full range of cyber security services with a focus on deception practices for developing detection methods that deceive attackers into interacting with decoys and other deception mechanisms.
Primary Responsibilities:
-
Research new and innovative deception practices, methods and techniques
-
Plan and create deception mechanisms to be deployed within the organization’s architecture
-
Perform detailed investigation and response activities for potential security incidents
-
Develop innovative monitoring and detection solutions using client tools and other skillsets such as scripting and content development
-
Author documentation containing current deployments details and configurations
-
Participate in deception exercises with other teams/departments to assess the effectiveness of deception components deployed within the organization’s architecture
-
Participate in root cause analysis or lessons learned sessions
-
Provide actionable intelligence for proactive detection and monitoring of potential threats
-
Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
-
Respond to computer security incidents associated with deception mechanisms and conduct threat analysis
-
Create, manage, and dispatch incident tickets associated with deception detections and alerts
-
Ensure all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
-
Document investigation results, ensuring relevant details are passed to SOC Leads, Incident Management team and stakeholders
-
Resolve or coordinate the resolution of cyber security events related to deployed deception components
-
Recommends implementation of counter-measures or mitigating controls
-
Monitor external event sources for security intelligence and actionable incidents
-
Develop processes and procedures for deploying deception components
Basic Qualifications:
-
Bachelor’s degree in Computer Science or related field and 2+ years of relevant IT experience (additional years of IT experience accepted in lieu of degree)
- Willingness and ability to work overnight shifts.
-
1 year of experience in a Penetration Testing or SOC environment
-
In-depth understanding of tactics and techniques utilized by adversaries
-
Proven understanding of the Cyber Kill Chain and Incident Response Phases
-
In-depth understanding of various operating systems, network/system infrastructure, networking protocols/services and enterprise architectural design
-
Ability to work individually or as a team
-
Must be driven and motivated with excellent organization skills
-
Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
-
Excellent written and verbal communication skills
-
Must be comfortable with public speaking, presenting proposals and findings to leadership
-
Excellent analysis skills and ability to identify patterns and trends in data
-
Familiar with cloud environments and services
-
Communicate well with Executives, Managers, Peers and Customers.
-
A US Citizen who can obtain a public trust clearance
CLEARANCE REQUIREMENTS:
-
Must be able to obtain and maintain a Public Trust security clearance prior to start
Preferred Qualifications:
-
Experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
-
Ability to think creatively and implement innovative solutions
-
Familiar with AWS cloud environments, architecture, and services
-
Familiarity with the MITRE ATT&CK framework
-
Experience with proprietary and open source deception technologies and platforms is preferred
-
Experience with SIEM technologies such as Splunk is preferred
Mid Shift (Wednesday-Saturday, 12pm-10pm EST).
Pay Range $53,300.00 - $82,000.00 - $110,700.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
