Tyto Athene, LLC

Incident Detection Analyst

Tyto Athene, LLC, Washington, District of Columbia, us, 20022


Tyto Athene is searching for an Incident Detection Analyst to support our customer in Washington, DC.

Hours of Operation/Shift Monday-Friday 3PM EST - 11:30PM EST

Responsibilities

Review, annotate, and resolve security incidents as part of the Intrusion Detection Team, Watch Officer, SOC management, or other SOC teams 24/7, subject to change based on AOUSC needs.

Conduct Incident Triage to prioritize security incidents, identify relevant data sources, and take immediate actions to evaluate and contain threats following SOC procedures.

Perform deep dive analysis of malicious links and files, both manual and automated.

Configure and tune shared SOC security tools to reduce false alerts.

Provide Executive Summaries and 5W briefing slides for leadership.

Generate and deliver time/trend/event-based metric reports for SOC management.

Communicate event notifications clearly to customers, with sufficient detail for system or network administrators.

Support local incident responders, providing notifications, guidance, and end-to-end incident response support, coordinating with other SOC teams as needed.

Document all communications and actions in the SOC ticketing system, escalate issues as necessary.

Support the Judiciary Special Tactics and Active Response (JSTAR) team during critical incidents.

Escalate events and non-responsiveness, track notifications, and follow escalation procedures.

Review and update the Incident Handlers Guide and recommend updates to SOC procedures.

Perform tasks and demonstrate skills as outlined in NIST SP 800-181 for Cyber Defense Incident Responders.

Required Qualifications

6+ years of security intrusion detection experience with logging technologies, including WAN, host, IDS/IPS/HIPs, server logs, and raw data logs.

Excellent communication skills, both oral and written.

Experience with Splunk SIEM.

At least three years of senior-level experience analyzing logs, creating advanced queries in Splunk or grep, reviewing firewall ACLs, Snort IDS events, Pcaps, and web server logs in SIEM environments.

Education/Certifications

Bachelor’s degree in Information Systems, Computer Science, or related field preferred.

Splunk Fundamentals I & II certifications.

Clearance

Public Trust clearance required.

Compensation

Compensation varies based on skills and experience. It is not guaranteed and depends on multiple factors including education, certifications, and experience.

Benefits

Benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave.

Tyto Athene is a leader in IT services, delivering solutions in Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT, supporting clients across the U.S. and worldwide for over 50 years.

We foster a collaborative and innovative environment where every team member contributes to shaping the future of technology. Join #TeamTyto!

Tyto Athene is an Equal Opportunity Employer. All qualified applicants will receive consideration regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any characteristic protected by law.
