SOC Analyst - Tier 2 6 Month - Contract to Hire (W2) Gaithersburg, MD (Onsite) The main focus of the Cyber Security Analyst is to identify, analyze, contain, and eradicate threats to enterprise systems and infrastructure. As the first line of defense, the Cyber Security Analyst will use data analysis, threat intelligence, and cutting-edge security technologies to detect and handle cybersecurity events and incidents. The candidate must have a curious investigative mind, a passion for information security, and the ability to effectively communicate complex ideas to audiences of varied levels of knowledge.
- Provide timely detection, identification, triaging, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Use cyber defense tools for continuous monitoring and analysis to identify anomalies and malicious activity
- Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on systems and information
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the impact of an observed attack
- Conduct research, analysis, and correlation across a wide variety of data sets
- Coordinate with enterprise-wide cyber defense staff to validate alerts and harden the enterprise with preventative controls
- Use, and develop monitoring and handling processes for, current and new security tools
- Be a mentor and subject matter expert for other IT teams and more junior team members
Education and Experience:
- Bachelor's degree in Computer Science or Information Technology, related discipline, or commensurate industry experience
Required:
- 0-3 years experience in Security Operations
- Excellent written and verbal communication skills
- Knowledge of the incident response lifecycle and experience with cyber security investigations
- Manage multiple complex assignments based on criticality in a timely and professional manner
- Experience working both independently and as part of a worldwide team
Desired:
- Experience with digital forensic analysis
- Experience with cyber threat intelligence
- Experience with various security technologies (SIEM, SOAR, UEBA, EDR, IDS/IPS, etc.)
- Experience with building and maintaining alerting across various types of security tools
- Prior experience working with in the following areas:
- Computer Incident Response Team (CIRT)
- Computer Security Incident Response Center (CSIRC)
- Security Operations Center (SOC)
- Knowledge of intrusion tactics, techniques, and procedures
- Knowledge of cloud environment security response
- The following certifications are strongly desired:
- CompTIA A+
- CompTIA Network+
- CompTIA Security+
- AWS Certified Security - Specialty