Senior SOC Analyst @ Node.Digital LLC | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
Senior SOC Analyst jobs in Arlington, VA
Be an early applicantLess than 25 applicants
expire-info-iconThis job has closed.
job-post-linkOriginal Job Post
company-logo

Node.Digital LLC ยท 2 days ago

Senior SOC Analyst

positionArlington, VA
timeFull-time
remoteOnsite
senioritySenior Level
date8+ years exp

Wonder how qualified you are to the job?

ftfMaximize your interview chances
Mobile AppsSoftware

Insider Connection @Node.Digital LLC

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Assisting Federal team leads with establishing and operating a Security Operations Center responsible for securing a highly dynamic environment supporting Incident Response and Threat Hunting experts
Configuring and monitoring the Security Information and Event Management (SIEM) platform for security alerts.
Scanning and monitoring system vulnerabilities on servers and infrastructure devices using a Threat and Vulnerability security solution; coordinating artifact collection operations.
Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
Collects network device integrity data and analyzes for signs of tampering or compromise
Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, effects on system and information
Characterize and analyze artifacts to identify anomalous activity and potential threats to resources
Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
Research and test new security tools/products and make recommendations for tools to be implemented in the SOC environment
Planning, coordinating, and directing the inventory, examination, and comprehensive technical analysis of computer-related evidence
Distilling analytic findings into executive summaries and in-depth technical reports
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Security operationsCyber attacks analysisSystem securityApplication securityCND policiesNetwork topologiesPalo Alto productsWifi networkingTCP/IP protocolsElastic SIEMVulnerability assessmentMonitoring toolsThreat intelligenceCrowdstrikeGray NoiseShodanMITRE Adversary TacticsMITRE ATT&CKSelf-starterLeadershipCollaborationElastic SIEM EngineeringSnortEDR ToolsNetwork Analysis SoftwareCarvingExtracting InformationNon-traditional Network TrafficPreserving Evidence IntegrityDesigning Cyber Security Systems

Required

U.S. Citizenship
Must have an active Secret clearance, TS/SCI preferred
Must be able to obtain DHS Suitability
Must demonstrate being a self-starter and give examples of leadership in customer-facing roles
8+ years of directly relevant experience in security operations using leading-edge technologies and industry-standard tools
Experience with the analysis and characterization of cyber attacks
Skilled in identifying different classes of attacks and attack stages
Knowledge of system and application security threats and vulnerabilities
In-depth knowledge of CND policies, procedures, and regulations
In-depth knowledge and experience of network topologies - DMZs, WANs, etc. and use of Palo Alto products
In-depth knowledge and experience of Wifi networking
In-depth knowledge of TCP/IP protocols such as ICMP, HTTP/S, DNS, SSH, SMTP, SMB
Experience using Elastic SIEM
Experience with vulnerability assessment and monitoring tools such as Security Center, Nessus, and Endgame
Experience with reconstructing a malicious attack or activity based on network traffic
Experience incorporating Threat Intelligence
Experience with Crowdstrike, Gray Noise and Shodan
Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
Must be able to work collaboratively across physical locations
BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics and network forensic experience

Preferred

Proficiency in Elastic SIEM engineering
Proficiency with Snort
Proficiency with other EDR Tools (Crowdstrike, Carbon Black, etc)
Proficiency with network analysis software (e.g. Wireshark)
Proficiency with carving and extracting information from PCAP data
Proficiency with non-traditional network traffic (e.g. Command and Control)
Proficiency with preserving evidence integrity according to standard operating procedures or national standards
Proficiency with designing cyber security systems and environments in a Linux
Proficiency with virtualized environments
Proficiency in conducting all-source research
GSOM, GSOC, GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA

Benefits

Medical
Dental
Vision
Basic Life
Long-Term Disability
Health Saving Account
401K
Three weeks of PTO
10 Paid Holidays
Pre-Approved Online Training

Company

Node.Digital LLC

twittertwitter
company-logo
We Love Building Innovative Digital Solutions using AI Automation and Machine Learning to Solve Complex Problems for our Customers' Missions.
dateFounded in 2017
location
Leesburg, Virginia, USA
people-size11-50 employees
web-link
https://www.node.digital

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Prakash Y.
Founder, CEO
linkedin
leader-logo
Michael Bonnette
CTO / Director, Digital Services
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot