Level 1 Security Operations Center (SOC) Analyst
Ref No.: 19-00106
Location: Washington, District of Columbia
Position Type: Full-time
Start Date: 04/01/2019
Job Req - Additional Info
Shift Work?: No
Work Schedule: 7:30-4:30 and 10-6:30
Clearance Requirement: Public Trust
Job Summary:

A Level 1 Security Operations Center (SOC) Analyst executes documented procedures as a matter of daily responsibility. The role consists of the detailed, repeatable execution of all operational tasks as documented in SOC processes and their subordinate procedures.

  • Monitoring the SOC situational awareness and automation systems for security events and closing or escalating those events as necessary
  • Identifying, categorizing, prioritizing, and investigating events rapidly, utilizing triage and response capabilities that include logs from:
    • Firewalls and network devices
    • Infrastructure servers and end-user systems
    • Threat intelligence platforms
    • Application logs and web-application firewalls
    • Identity and access management systems
    • Cloud and hybrid-IT provisioning, access, and infrastructure systems
    • Antivirus systems
    • Intrusion prevention systems
  • Monitoring incoming event queues for potential security incidents
  • Performing initial investigation and triage of potential incidents, and escalating or closing events as applicable
  • Monitoring SOC ticket and email queue for potential event reporting from outside entities and individual users
  • Maintaining SOC shift logs with relevant activity from the shift
  • Documenting investigation results, ensuring relevant details are passed to the Level 2 analyst for final event analysis
  • Conducting security research and intelligence gathering on emerging threats and exploits
  • Performing additional auxiliary responsibilities, as assigned by SOC Manager
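As an added illustration of the triage loop the responsibilities above describe (example code written for this page, not material from the posting or the hiring organization): a small Python pass that parses constructed firewall, identity-management and antivirus events, categorizes and prioritizes them, checks sources against a threat-intelligence indicator list, and records an escalate-or-close decision with a handoff note for Level 2. The event format, field names, thresholds and the indicator list are all assumptions made for the example.

```python
import re
from collections import Counter, defaultdict
from dataclasses import dataclass

# Constructed sample events (not real logs). Format: source|timestamp|message
SAMPLE_EVENTS = """\
firewall|2019-04-01T08:01:10Z|DENY tcp 203.0.113.7:51234 -> 10.0.0.5:22
firewall|2019-04-01T08:01:11Z|DENY tcp 203.0.113.7:51235 -> 10.0.0.5:23
firewall|2019-04-01T08:01:12Z|DENY tcp 203.0.113.7:51236 -> 10.0.0.5:445
firewall|2019-04-01T08:01:13Z|DENY tcp 203.0.113.7:51237 -> 10.0.0.5:3389
firewall|2019-04-01T08:01:14Z|DENY tcp 203.0.113.7:51238 -> 10.0.0.5:8080
firewall|2019-04-01T08:05:00Z|DENY udp 198.51.100.9:5353 -> 10.0.0.255:5353
iam|2019-04-01T08:10:01Z|LOGIN_FAILED user=jdoe src=198.51.100.23
iam|2019-04-01T08:10:05Z|LOGIN_FAILED user=jdoe src=198.51.100.23
iam|2019-04-01T08:10:09Z|LOGIN_FAILED user=jdoe src=198.51.100.23
iam|2019-04-01T08:10:20Z|LOGIN_OK user=jdoe src=198.51.100.23
iam|2019-04-01T08:30:00Z|LOGIN_FAILED user=asmith src=10.0.0.44
antivirus|2019-04-01T09:00:00Z|host=WS-0042 threat=Trojan.Generic action=quarantined
antivirus|2019-04-01T09:02:00Z|host=WS-0017 threat=Ransom.Locky action=failed
"""

# Assumed threat-intelligence indicator list (constructed for the example).
THREAT_INTEL_IPS = {"203.0.113.7"}


@dataclass
class Event:
    source: str
    ts: str
    msg: str


@dataclass
class Ticket:
    category: str
    priority: str  # "high" | "medium" | "low"
    action: str    # "escalate" | "close"
    summary: str   # handoff note recorded for the Level 2 analyst


def parse_events(text):
    """Split the pipe-delimited sample format into Event records."""
    events = []
    for line in text.splitlines():
        if line.strip():
            source, ts, msg = line.split("|", 2)
            events.append(Event(source, ts, msg))
    return events


def _field(msg, key):
    """Pull a key=value token out of a message; None if absent."""
    m = re.search(rf"{key}=(\S+)", msg)
    return m.group(1) if m else None


def triage(events, scan_threshold=5, bruteforce_threshold=3):
    """Categorize, prioritize and disposition events into tickets."""
    tickets = []

    # Firewall: many distinct denied destination ports from one source = port scan.
    ports_by_src = defaultdict(set)
    for e in events:
        if e.source == "firewall" and e.msg.startswith("DENY"):
            m = re.search(r"(\d+\.\d+\.\d+\.\d+):\d+ -> \d+\.\d+\.\d+\.\d+:(\d+)", e.msg)
            if m:
                ports_by_src[m.group(1)].add(int(m.group(2)))
    for src, ports in ports_by_src.items():
        if len(ports) >= scan_threshold:
            intel = src in THREAT_INTEL_IPS  # intel match raises priority
            tickets.append(Ticket("port_scan", "high" if intel else "medium", "escalate",
                                  f"{src} probed {len(ports)} ports; threat-intel match={intel}"))
        else:
            tickets.append(Ticket("firewall_deny", "low", "close",
                                  f"{src}: {len(ports)} denied port(s), below scan threshold"))

    # IAM: repeated failures followed by a success from the same source = likely compromise.
    fails = Counter()
    for e in events:
        if e.source != "iam":
            continue
        key = (_field(e.msg, "user"), _field(e.msg, "src"))
        if e.msg.startswith("LOGIN_FAILED"):
            fails[key] += 1
        elif e.msg.startswith("LOGIN_OK") and fails[key] >= bruteforce_threshold:
            tickets.append(Ticket("possible_credential_compromise", "high", "escalate",
                                  f"user {key[0]} succeeded from {key[1]} after {fails[key]} failures"))
            fails[key] = 0
    for (user, src), n in fails.items():
        if n >= bruteforce_threshold:
            tickets.append(Ticket("bruteforce_attempt", "medium", "escalate",
                                  f"user {user} from {src}: {n} failures, no success yet"))
        elif n > 0:
            tickets.append(Ticket("auth_failure", "low", "close",
                                  f"user {user} from {src}: {n} failure(s), no success"))

    # Antivirus: a quarantine is handled and closes; a failed action needs containment.
    for e in events:
        if e.source == "antivirus":
            host, threat, action = (_field(e.msg, k) for k in ("host", "threat", "action"))
            if action == "quarantined":
                tickets.append(Ticket("malware_blocked", "low", "close",
                                      f"{host}: {threat} quarantined by AV"))
            else:
                tickets.append(Ticket("malware_unhandled", "high", "escalate",
                                      f"{host}: {threat} action={action}; needs containment"))
    return tickets


def escalation_queue(tickets):
    """Tickets handed to Level 2, highest priority first."""
    rank = {"high": 0, "medium": 1, "low": 2}
    return sorted((t for t in tickets if t.action == "escalate"), key=lambda t: rank[t.priority])


if __name__ == "__main__":
    for t in triage(parse_events(SAMPLE_EVENTS)):
        print(f"[{t.priority:6}] {t.action:8} {t.category:32} {t.summary}")
```

The thresholds and categories are deliberately simple; in a real SOC they come from the documented runbook, and the point of the Level 1 pass is that every event leaves the queue with a recorded disposition and a note a Level 2 analyst can act on without re-reading the raw logs.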

Requirements: (Clearance/Citizenship)
  • Must be US Citizen and able to obtain position of Public Trust designation
  • Demonstrated excellent written and oral communication skills
  • 1+ years' experience as a Security/Network Administrator or equivalent knowledge.
  • Familiarity with Linux, Windows and forensic evidence concepts
  • Familiarity with static and dynamic malware analysis desired
  • Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
  • Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
  • Knowledge of common Internet protocols and applications.
  • Proficient computer skills including Microsoft Office
  • Effective oral and written communication skills
  • Active listening skills
  • Ability to assess and evaluate situations effectively
  • Ability to identify critical issues quickly and accurately
  • CompTIA Security+, GIAC Security Essentials Certification (GSEC), or GIAC Certified Incident Handler (GCIH) highly desired

  • Familiarity with audit support and response, and regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
  • Highly self-motivated and strong attention to detail
  • Ability to effectively prioritize and execute tasks in a complex environment
  • Solid understanding of standard business processes, including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices

  • Bachelor's degree in a related field.*
*Additional years of relevant experience or a combination of an Associate's degree or equivalent and relevant experience may be substituted for the Bachelor's degree