Security Operations Center (SOC) Analyst

Jacobs Technology Information
Solutions Group (ISG) provides information technology solutions and services to
a broad range of both Government and private industry, including Department of
Defense, Federal Civilian agencies, healthcare, education, and small/medium
business market. Our analysts, engineers, and technicians are highly trained,
qualified subject matter experts, understanding each segments specialized
business processes, requirements, and functions. Combined with an extensive IT
background, Information Solutions Group's enhanced IT services enable our
clients to analyze existing business processes, identify process improvements,
evaluate associated risks, and develop operational solutions.
The Security Operations Center (SOC)
Analyst supports the Joint Strike Fighter (JSF) Program located in Crystal
City, VA. The selected candidate will:
+ Perform system and network analysisof suspected or potential security incidents
+ Audit and report all F-35 Program ITsystems and subsystems
+ Use DoD provided and required toolsuites and other approved tools/methods to perform vulnerability assessments tosupport C&A compliance and security controls
+ Provide evidentiary requirementssuch as executing forensics technical and gathering results on any computingassets such as mobile devices to support any investigation, inquiry, orlitigation
+ Assist in the process of systemscertification as directed by the F-35 CIO
+ Evaluate target systems to analyzeresults of scans, identify resolutions, develop POA&M, makerecommendations, and continuously monitor requirements
The Security Operations Center (SOC)
Analyst must have:
+ Must have experience in SOC/NOCenvironment
+ Demonstrated knowledge in networksecurity, operating system security, Internet or Web security, Data LossPrevention (DLP), anti-malware, IDS/IPS, and penetration and vulnerabilitytesting
+ Familiarity (Experience) withsecurity and monitoring tools (i.e. LogRhythm, HBSS, ACAS, SolarWinds, Splunk, Fortinet, IDS/IPS, SIEM, PMI, ITIL, ISO 9000, andCMMI, and tools), easily transitioning from one methodology to the other
+ Developsmetrics and reports on intelligence and incidents for senior management
+ Minimum of 10 years of informationtechnology experience
+ Minimum of four (4) years?experience with in Windows / Linux Operating Systems, baseline securityconfigurations, audit, forensics, Patch Management for these OSs
+ Designs anddevelops cyber incident response and handling program, including framework andprocesses
+ Providesoversight and coordination of cyber incident response (e.g., technicalinvestigations including detect, contain, eradicate, recover stages, forensics)
+ Implementsand maintains cyber incident response processes and technology (e.g., EnCase)to support computer and network forensics
+ Identifiesincident/breach trends and incorporate them into training activities to reducethe likelihood of future incidents/breaches
+ Utilizesadvanced analytics (key risk and performanceindicators) to leverageinternally and externally sourced cyber threat intelligence and historicalsecurity data to produce signatures and other techniques to detect and trackAPTs (Advanced Persistent Threats)
+ Conductongoing malware analysis, including reverse engineering on viruses, worms,Trojans, adware, spyware, backdoors, and rootkits affecting various assets
+ Examineand analyze electronic media to produce a report of findings that issufficiently detailed and clear to a point it could be used in a legal casewhen/if required
+ Assistpersonnel in identifying observable criteria, features, or traits that thepersonnel can use to identify the presence of malware on the network
+ Providestechnical support in the areas of vulnerability assessment, risk assessment,network security, product evaluation, and security implementation
+ Responsiblefor designing and implementing solutions for protecting the confidentiality,integrity and availability (CIA triad) of sensitive information
+ Providestechnical evaluations of customer systems and assists with making securityimprovements
+ Participatesin design of information system contingency plans that maintain appropriatelevels of protection and meet time requirements for minimizing operations impactto customer organization
+ Conductstesting and audit log reviews to evaluate the effectiveness of current securitymeasures
+ Willprovide guidance and coordination for incident response efforts includingtriage, evaluation, coordination and executive reporting
+ Contributeto the creation, update and distribution of incident response best practices toinclude response capabilities and recommendations to senior leadership whendealing with incidents that impact multiple platforms or methodologies
+ Identify intrusion activity byleveraging alert data from multiple sensors and systems and determine priorityfor response
+ Assess the impact of potentiallymalicious traffic on company network and infrastructure
+ Perform in-depth analysis in supportof network monitoring and incident response operations
+ Perform live incident response(reactive (active monitoring) and proactive (passive monitoring) incidentmanagement) by identifying and remediating malicious applications andinfrastructure components
+ Develop/Monitor basic IDS/IPS rulesto identify and/or prevent malicious activity including Security sensorpolicies for IDS/IPS, Firewalls, web security gateway and logging
+ Security review and administrationof changes to networks, servers and end point devices in collaboration withnetwork operations
+ Familiarity with the REMEDYticketing system
+ Continuous Control Monitoringincluding Baseline Security (REMEDY)
+ Experience developing StandardOperating Procedures (SOPs), job aids, and hands-on training materials
+ Be able to work in fast pacedenvironment with occasional on-call activities.
+ Strong knowledge of networkingfundamentals such as TCP/IP and basic packet analysis
This position requires a Bachelor?s
degree in Computer Science, Information Sciences, or related IT discipline with
10 years of related experience. An IAM Level III certification is required:
GSLC, CISM, CISSP, or CASP. The minimum of an active interim Secret or Secret
level DoD security clearance is required.
Jacobs ISG is proud to be an EEO/AA
Essential Functions
Work Environment
Inside office/cubicle environment.
Requires ability to interact professionally with co-workers and all levels of
management (100%).
Physical Requirements
Requires sitting for extended
periods of time at a desk (90%). Requires sitting at a computer terminal for
long periods of time (90%). There is a possibility that due to parking
availability and location of work area walking moderate to long distances can
sometimes be required.
Equipment and Machines
Requires ability to operate a
personal computer, a telephone, copier, and other general office equipment
(100%). Ability to conduct evaluation of third and fourth generation or current
state of the art computer hardware and software and its ability to support
specific requirements, interfacing with other equipment and systems.
Attendance is critical. Work hours
are normally 8 hours per day and 5 days per week, Monday through Friday. Being
prompt is important to provide continuous and on-going service to customers.
Attendance is important to maintain continuity of service. Work outside of
normal duty hours may be required with as little as one hour advance notice.
Overtime is infrequent, but important when required (1%).
Other Essential Functions
Must be able to communicate
effectively, both verbally and in writing. Must be able to interface with
individuals at all levels of the organization. Must be able to obtain and
retain a security clearance. Must be a U.S. citizen. Must be able to obtain
unescorted access to work areas. Grooming and dress must be appropriate for the
position and must not impose a safety risk/hazard to the employee or others. An
IAM Level III certification is required: GSLC, CISM, CISSP, or CASP. The
minimum of an active interim Secret or Secret level DoD security clearance is
Title: _Security Operations Center (SOC) Analyst_
Location: _United States-Virginia-Crystal City_
Requisition ID: _I2S0000WJ_ aa19af8bbc004ae9b310638b634ae949

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Security Operations Center (SOC) - Tier 1 IT S...
Herndon, VA Oracle
Security Operations Center (SOC) Manger
Vienna, VA Capital one
Senior Security Operations Center (SOC) Engine...
Ashburn, VA OUTSOURCE Consulting Services, Inc
Manager - Cyber Security Operations Center (SO...
Chantilly, VA CSRA Inc.
Manager - Cyber Security Operations Center (SO...
Chantilly, VA SRA International, Inc., A CSRA Company