Vacancy expired!
RESPONSIBILITIES:Kforce has a client that is seeking a Senior Security Operations Center (SOC) Analyst in Herndon, VA.
Duties Include: Senior Security Operations Center (SOC) Analyst will implement automation orchestration to replace repetitive tasks which are being conducted manually Developing monitoring via advanced dashboards, alerts, data models, reports Designing and customizing complex search queries and promoting advanced searching for computer/network forensics Log analysis to identify trends, abnormal behavior, correlate events, and detection of TTPs Participating in incident, problem, and change management processes Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support Incident Response Teams (IRTs) Developing documentation on new or existing systems Providing system/equipment/specialized training and technical guidance As a Senior Security Operations Center (SOC) Analyst, you will be communicating with customers and teammates clearly and concisely Investigating alerts and threat hunting; Properly escalating all identified incidents following SOPs Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security) Perform assessments to identify and resolve monitoring gapsREQUIREMENTS: BS degree and 8-10 years of experience or MS degree and 6-8 years of experience or High School diploma/equivalent and 12 years of experience Security+ CE or other 8570 IAT level II certification (required) Certified Splunk Power User or higher (required) 4+ years of SOC or Cybersecurity related (required) 4+ years querying and manipulating data with at least 2+ years of experience with SPL (required); Knowledge of data types, conditions, and regular expressions 3+ years of related systems engineering experience - primarily in a government environment, dealing with business critical, high availability systems Experience configuring and utilizing monitoring/logging and security analysis solutions Strong knowledge of data analysis Experience implementing and monitoring security controls Solid understanding of cyber threats, MITRE ATT&CK framework and other TTP's Knowledge of TCP/IP networking and various protocols such as DNS, HTTP Strength in multitasking and prioritization in order to meet periodically changing deadlines Self-starting and able to drive projects to completion in a fast-moving environment Solid communications skills, both written and verbal; Able to create, discuss and explain technical documentation Applicants must be fully authorized to work in the U.S. without sponsorship Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified informationKforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.