Apply on Employer Site

A-TEK, Inc. · 1 month ago

Cybersecurity Analyst II

Rockville, Maryland, United States

Full-time

Onsite

Mid Level

$115K/yr - $120K/yr

3+ years exp

A-TEK operates at the intersection of mission and innovation by applying deep domain expertise across federal markets. As a Cybersecurity Analyst II, you will oversee and manage Tier 2 level threat response in the client’s Security Operations Center, working with a team to monitor, detect, analyze, and respond to security incidents.

Business IntelligenceInformation Technology

No H1B

U.S. Citizen Only

Responsibilities

Respond promptly and effectively to security incidents and threats discovered by CSOC Analyst Level I and carry out effective Level II analysis of incidents

Remediation of incidents and escalation when necessary to Tier 3 support

Initial assessment of the scope of the attack and affected systems

Accurately document cases during investigations and effectively communicate findings to Level I Analyst or escalation team to ensure complete handover of work streams

Continuously improve incident management processes through periodic threat hunting exercises, knowledge optimization effort building, and by comprehensive diagnosis and analysis of incident trends

Follow the issue tracking, escalation policies and work effectively across all CSOC tiers as the technical competence requires

Dedicated monitoring and analysis of cyber security events by use of SOC tools

Incident Response generation and reporting IAW established procedures

Provide Level II technical support in CSOC operations and activities

Provide daily/weekly updates on CSOC operations and developments

Conduct Forensic analysis and respond to data call activities

Generate quality technical reports containing methodologies, findings, and recommendations

Work with external stakeholders to understand operational needs and develop effective processes

Maintain a current understanding of industry trends, emerging cyber threats, and new solutions which may impact CSOC activities

Collaborate with CSOC SME to ensure optimal performance using CSOC technology

Identify, reverse engineering and de-obfuscating digital content related to an incident

Qualification

Cybersecurity conceptsIncident responseSplunkForensic analysisSecurity+ certificationNetwork+ certificationCloud certificationVulnerability managementLeadership experienceCommunication skillsTeam collaboration

Required

3-5+ years of experience within a Level Tier 2 cybersecurity environment; experience in a leadership role is preferred

Bachelor's in information technology, Computer Science, or a related field; or relevant, commensurate work experience

Robust Certification Portfolio including Security+ and one or more of the following preferred: Network+, CEH, Azure or Cloud Certification, and Splunk Core Certified Power User

Vulnerability/cyber incident management framework

Experience with advanced technologies such as: Splunk SaaS, Splunk Enterprise Security, Splunk SaaS UBA, Crowdstrike, Tenable, Forescout, zScaler, Bigfix, MaaS-360 (IBM MaaS-360), and Encase for forensic investigations, Fireeye, Cortex XSOAR, Cortex XDR, and Prisma-Access