Apply on Employer Site

Koniag Government Services · 3 hours ago

SOC Analyst

Baltimore, MD

Full-time

Onsite

Entry Level

1+ years exp

Koniag Government Services is a corporation supporting the values and traditions of native communities through agile employee and corporate culture. They are seeking a SOC Analyst to provide 24/7 monitoring and analysis of security event alerts across the enterprise network, identifying potential security threats and documenting incidents.

EnterpriseGovernmentProfessional Services

No H1B

Security Clearance Required

Responsibilities

Providing 24/7/365 monitoring and analysis of security event alerts across the enterprise network

Monitoring agency systems and daily log events to identify potential security threats

Sources include, but not limited to, sensor alert logs, firewall logs, content filtering logs, and Security Information and Event Management logs

Reviewing incoming alerts, investigating, and ticketing all identified potential security threats using agency incident response ticketing platform

Prioritize all incoming alerts and responds accordingly in a timely manner

Validating traffic and/or network activity (per alerts/logs) as anomalous in accordance with agency standards and procedures

Identifying, investigating, and escalating potential security threats to senior agency resources when needed

Measuring and modeling traffic, while identifying patterns and ports

Producing reports, both contractual and ad hoc, providing information on events, trends, issues, and activity as requested by the federal customer

Providing data for inclusion in the agency’s CISA report

Utilize OSINT tools to identify and mitigate potential cybersecurity threats to the customer’s network

Identifying the necessity for, and implementation of, the creation of new intrusion detection signatures

Qualification

SOC tools knowledgeIntrusion detection signaturesSecurity event monitoringCompTIA Security+ServiceNow experienceIncident responseWindows OS experienceMicrosoft 365 toolsOral communicationWritten communication

Required

Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment

Working knowledge of various SOC tools and their usage for detecting intrusion attempts

Demonstrated experience creating custom intrusion signatures to detect specific network traffic anomalies

Demonstrated experience in populating sensors with newly available signatures when responding to events or management requests

Knowledge of potential threat reporting and tracking by means of at least one large-scale ticketing system (ServiceNow, CAPRS, or other similar system)

Ability to utilize email, instant messaging, and other monitoring tools to effectively navigate through the incident response process

Strong oral presentation skills and the ability to articulate English in a clear and concise manner

Demonstrated experience with Windows Operating System and Microsoft 365 tools

High School Diploma accompanied with related advanced training and certifications in cybersecurity or a related field

Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or CompTIA CySA+. Documented proof of certifications is required prior to the start of employment

Experience with Windows Operating System and Microsoft 365 tools

Great written and oral communication skills, with the ability to convey complex information clearly and effectively

Must live within 2 hours travel of the designated Security Operations Center for which they are applying

Must be able to obtain a Public Trust