cFocus Software seeks a SOC Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- Minimum 2 years of Security Operations Center (SOC) or cybersecurity monitoring experience.
- Experience monitoring enterprise security environments.
- Experience investigating cybersecurity incidents.
- Knowledge of SIEM platforms and security monitoring technologies.
- Understanding of NIST SP 800-61 Computer Security Incident Handling Guide.
- Knowledge of MITRE ATT&CK Framework.
- Ability to obtain and maintain NIH suitability/background investigation.
Duties:
- Continuously monitor enterprise security systems and Security Operations Center (SOC) dashboards.
- Analyze security alerts generated by SIEM, IDS/IPS, EDR, cloud security, and network monitoring platforms.
- Identify indicators of compromise (IOCs) and suspicious activity.
- Correlate security events across multiple technologies to identify potential cyber threats.
- Monitor Windows, Linux, cloud, network, and endpoint environments for malicious activity.
- Perform initial incident triage and classification.
- Analyze security events to determine severity, scope, impact, and priority.
- Validate potential security incidents and reduce false positives.
- Escalate confirmed incidents to Tier 2 and Tier 3 Incident Response personnel.
- Maintain incident tickets throughout the incident lifecycle.