UltraViolet Cyber
Security (SOC) Analyst, Secret Clearance Required
UltraViolet Cyber, Herndon, Virginia, United States, 22070
Overview
Security (SOC) Analyst, Secret Clearance Required. The role requires a US Government-issued Secret Clearance, 5 days on-site per week in Herndon, VA, and a 3x12 or 4x12 shift rotation. The position monitors and analyzes security events and alerts reported by the SIEM on a 24x7 basis to identify and investigate suspicious or malicious activity or policy violations.
Responsibilities
Monitor and analyze security events and alerts reported by the SIEM on a 24x7 basis to identify and investigate suspicious or malicious activity, or other cyber events that violate policy.
Analyze logs and events from devices and future data feeds (e.g., HR data, badging information, physical security devices) that may send data to the SOC.
Provide documentation detailing additional information collected and maintained for each security investigation.
Record all artifacts (emails, logs, documents, URLs, screenshots, etc.) associated with security events and incident investigations within the SOC tracking system.
Work on-site in the US and ensure compliance with applicable security and privacy requirements.
Qualifications
Active US Secret Security Clearance.
3+ years of experience in a Security Operations Center (SOC) or Network Operations Center (NOC) environment with security event monitoring and analysis.
Working knowledge of operating systems (Windows, macOS, Linux) commonly deployed in enterprise networks.
Working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS) and common internet applications and standards (SMTP, DNS, DHCP, SQL, HTTP, HTTPS).
Familiarity with adversarial tactics, techniques, and procedures (TTPs).
Experience analyzing security logs and events from devices such as firewalls, IDS/IPS, HIDS/HIPS, proxies/web filters, vulnerability scanners, routers, IP accounting systems, VPN gateways, mail servers, and security agents; familiarity with cloud security (e.g., AWS, Azure, Oracle, Salesforce).
Ability to document artifacts and maintain information relevant to investigations for analysis and reporting.
Must be legally allowed to work in the US; on-site work in the US only; no third-party candidates.
Education, Certification & Clearance
8570 Certification(s): Security+ or equivalent.
Clearance Requirements: Secret Clearance.
High school diploma required.
Preferred Skills
Certifications such as Security+, GCIH, CEH, or CySA+ are desirable.
Experience with Splunk query language.
Experience with IDS/IPS/firewall configurations and signature development.
Experience with PCAP analysis and Tanium threat response.
Experience in analyzing IT security events to discern legitimate incidents and identify malicious code or activities.
Experience with ticketing systems to document investigations.
Strong verbal and written communication skills for security incident reports and briefings.
Experience monitoring the operational status of monitoring components and escalating outages.
Understanding of Windows Active Directory is desirable.
Experience with SIEM platforms and log correlation and alerting.
Experience implementing countermeasures or mitigating controls for enterprise networks.
Benefits
401(k) with employer match (100% of the first 3% contributed, 50% of the next 2%).
Medical, Dental, and Vision Insurance (first eligible month after start).
Group Term Life, Short-Term Disability, and Long-Term Disability; voluntary options available.
Discretionary Time Off (DTO) program and 11 paid holidays annually.
UltraViolet Cyber welcomes and encourages diversity in the workplace. We thank all applicants for their interest. This description reflects the role and not all company-wide policies or practices. The company is an equal opportunity employer and makes hiring decisions based on qualifications.