Full Job Description
MindPoint Group has been focused on Cybersecurity consulting since its inception. We are the trusted cybersecurity advisors to key government and commercial decision-makers. MindPoint Group supports security operations for the most security-conscious organizations in the world, and we design and implement innovative security solutions to defend against today’s risks, and tomorrow’s potential attacks.
We believe that helping organizations operate from the best security posture possible requires automation. We believe that empowering our employees to excel and providing them with the means to do so enables MindPoint Group to consistently exceed our clients’ expectations.
Unlike many IT consultancies, we’re not a body shop. Our client engagements are challenging and growth-oriented. Our relationship with you is for the long run because in this business, your success is our success. That’s why we treat investments in employees as investments in the company itself, which is why we offer fantastic benefits (healthcare, generous PTO, paid maternity and paternity leave, and tuition reimbursement to name a few).
But you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you.
We are an established, profitable, and growing company that promises you the following:
A diverse organization.
A safe workplace with zero tolerance for discrimination and harassment of any kind.
A balanced work life. Seriously.
A flexible schedule.
A leadership team that is focused on your professional growth and development.
MindPoint Group is seeking a Senior SOC Analyst. The Security Operations Center (SOC) Senior Analyst will collaborate with members of the SOC team to develop innovative and effective procedures for the SOC to enhance coordination and incident response operations. Train staff on SOC concept of operations and develop incident management teams.
Additionally, Senior Analyst candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem solving skills, and allow for flexible scheduling. Monitor network traffic for security events and perform triage analysis to identify security incidents. Respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements. Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
Utilize state of the art technologies such as host forensics tools (FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data
Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response
Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
Lead Incident Response activities and mentor junior staff
Work with key stakeholders to implement remediation plans in response to incidents
Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership
Author Standard Operating Procedures (SOPs) and training documentation when needed
Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
Active Secret clearance or higher required
5 (+) years in an Incident Responder/Handler role
Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2. The ability to take lead on incident research when appropriate and be able to mentor junior analysts
Advanced knowledge of TCP/IP protocols
Knowledge of Windows, Linux operating systems
Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk or ArcSight experience
Deep packet and log analysis
Some Forensic and Malware Analysis
Cyber Threat and Intelligence gathering and analysis
Bachelors Degree or equivalent experience
Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred
Desirable certifications include, but not limited to:
GCIH, GCIA, GCFE, GREM, GCFA, GSEC
CEH, CISSP, CCNA (Security) or equivalent Certifications.
All your information will be kept confidential according to EEO guidelines
Equal Opportunity Employer Veterans/Disabled