Jr Soc Analyst Jobs

Description

Looking for an exciting opportunity to make an impact as a Security Operation Center Analyst?

1901 Group (A Leidos Company) has an exciting SOC Analyst position located in Woodlawn MD with opportunities to work a hybrid schedule at home as well as the office.
POSITION SUMMARY:

Our new Security Operations Center Analyst will work with an elite team of IT professionals to maintain an optimal environment for critical systems. We are looking to hire a SOC Analyst to provide a full range of cyber security services with a focus on deception practices for developing detection methods that deceive attackers into interacting with decoys and other deception mechanisms.

Primary Responsibilities:

• Respond to computer security incidents associated with deception mechanisms and conduct threat analysis
• Monitor external event sources for security intelligence and actionable incidents
• Ensure all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Plan and create deception mechanisms to be deployed within the organization’s architecture
• Provide actionable intelligence for proactive detection and monitoring of potential threats
• Recommends implementation of counter-measures or mitigating controls
• Author documentation containing current deployments details and configurations
• Participate in root cause analysis or lessons learned sessions
• Perform detailed investigation and response activities for potential security incidents
• Document investigation results, ensuring relevant details are passed to SOC Leads, Incident Management team and stakeholders
• Resolve or coordinate the resolution of cyber security events related to deployed deception components
• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
• Research new and innovative deception practices, methods and techniques
• Develop innovative monitoring and detection solutions using client tools and other skillsets such as scripting and content development
• Develop processes and procedures for deploying deception components
• Participate in deception exercises with other teams/departments to assess the effectiveness of deception components deployed within the organization’s architecture
• Create, manage, and dispatch incident tickets associated with deception detections and alerts

Basic Qualifications:

• Ability to work individually or as a team
• Proven understanding of the Cyber Kill Chain and Incident Response Phases
• Familiar with cloud environments and services
• A US Citizen who can obtain a public trust clearance
• Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
• In-depth understanding of various operating systems, network/system infrastructure, networking protocols/services and enterprise architectural design
• Communicate well with Executives, Managers, Peers and Customers.
• Must be comfortable with public speaking, presenting proposals and findings to leadership
• Excellent analysis skills and ability to identify patterns and trends in data
• Willingness and ability to work overnight shifts.
• Must be driven and motivated with excellent organization skills
• In-depth understanding of tactics and techniques utilized by adversaries
• 1 year of experience in a Penetration Testing or SOC environment
• Bachelor’s degree in Computer Science or related field and 2+ years of relevant IT experience (additional years of IT experience accepted in lieu of degree)
• Excellent written and verbal communication skills

CLEARANCE REQUIREMENTS:

• Must be able to obtain and maintain a Public Trust security clearance prior to start

Preferred Qualifications:

• Ability to think creatively and implement innovative solutions
• Familiar with AWS cloud environments, architecture, and services
• Experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Familiarity with the MITRE ATT&CK framework
• Experience with SIEM technologies such as Splunk is preferred
• Experience with proprietary and open source deception technologies and platforms is preferred

Mid Shift (Wednesday-Saturday, 12pm-10pm EST).

Pay Range:

Pay Range $53,300.00 - $82,000.00 - $110,700.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.