Job Details: Cybersecurity SOC Analyst

Job Title : Cybersecurity SOC Analyst
Job Ref No : 24481-1351
Job Posted Date : 3/10/2018
Job State : District of Columbia
Job City : Washington
Who Can Apply : US Citizens, GC, EAD, TN, H1B
Skills Required :

Job Description :

Job ID: Cybersecurity SOC Analyst (530677).
Rate may vary depending on the candidate's preference for W-2 (with or without benefits); otherwise the candidate must have an LLC (limited liability corporation).
Location: Washington, DC
Years of experience: 6-10+ years of experience.
Duration: 9/30/18 +
Number of positions: 1
Interviews: Either webcam or in-person.

Job Description:

The SOC Analyst is a tier 2 tech resource responsible for monitoring, detecting, analyzing, remediating, and reporting on cyber events and incidents impacting the tech infrastructure of the District of Columbia. Serves as advanced escalation point.


Specific tasks:

1. Provide in-depth cybersecurity analysis and trending of log data, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cybersecurity incidents and make sound recommendations that enable expeditious remediation.
2. Conduct security tool/application (for example, McAfee SIEM) tuning engagements with analysts and engineers to develop/adjust rules and analyst response procedures and reduce false positives from alerting.
3. Utilize advanced background and experience in information technology and incident response handling to scrutinize escalated cybersecurity events from tier 1 analysts, distinguishing these events from benign activities, and escalating confirmed incidents to the incident response lead.
4. Recognize, create, and ingest indicators of compromise (IOCs) for attacker tools, tactics, and procedures into network security tools/applications (for example, McAfee SIEM, Palo Alto content filter, Anomali ThreatStream) to protect the Government of the District of Columbia network.
5. Provide technical and analytical guidance to tier 1 analysts, and quality-proof their analytical advisories and assessments prior to release from the SOC.
6. Coordinate with and provide expert technical support to enterprise-wide technicians and staff to resolve confirmed incidents.
7. Report common and repeat problems (trend analysis) to SOC management and propose process and technical improvements to improve the effectiveness and efficiency of the incident handling process.
8. Respond to inbound requests via phone and other electronic means for technical assistance, and resolve problems independently. Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.

Minimum qualifications:
1. Five years of hands-on operational experience as a cybersecurity analyst/engineer in a security operations center, or equivalent knowledge in areas such as cybersecurity operations, incident analysis and handling, vulnerability management, log analysis, and intrusion detection.
2. In-depth understanding of cybersecurity attack countermeasures for adversarial activities such as network probing and scanning, distributed denial of service (DDoS), phishing, and malicious code activity such as worms, trojans, and viruses.
3. In-depth hands-on experience analyzing and responding to security events and incidents with a majority of the following technologies and/or techniques: leading security information and event management (SIEM) technologies, intrusion detection/prevention systems (IDS/IPS), network- and host-based firewalls, data leak protection (DLP), database activity monitoring (DAM), web content filtering, vulnerability scanning tools, endpoint protection, secure coding, etc.
4. Excellent interpersonal, organizational, oral communication, and customer service skills.
5. Strong knowledge of cybersecurity attack methodology, including tactics and techniques and their associated countermeasures.
6. Strong knowledge of TCP/IP protocols, services, and networking, and experience identifying, analyzing, containing, and eradicating cybersecurity threats.
7. Adept at proactively searching the internet and other sources to identify cybersecurity threat countermeasures not previously ingested into network security tools/applications, and applying them to protect the Government of the District of Columbia network.
8. Excellent ability to multi-task, prioritize, and manage time and tasks effectively.
9. Ability to work effectively in stressful situations.
10. Strong attention to detail.
The ideal candidate will have a technical background with significant previous experience in an enterprise environment with the following:
1. Previous experience leading a SOC team unit responsible for analysis and correlation of cybersecurity event data.
2. Skilled in understanding, recognizing, and detecting cybersecurity exploits, vulnerabilities, and intrusions in host- and network-based systems.
3. Comprehensive knowledge of defense-in-depth principles and network security architecture.
4. Experience reviewing raw log files and correlating firewall, network flow, IDS, and system logs.
5. Experience in host forensics.
6. Knowledge of common network tools (e.g., ping, traceroute, nslookup).
7. Comprehensive understanding of network services and Windows/Unix ports and services.
8. Understanding of database structure and queries.
Minimum education/certification requirements:
1. Undergraduate degree in computer science, information technology, or a related field.
2. GCIA, GCED, GPEN, GCIH, or similar industry certification desired.

This position requires shift work in an 11x5 environment and the capacity to work evening, overnight, and weekend hours as required. This position does not require a U.S. Government security clearance. Ongoing travel is not anticipated.


1. Determines enterprise information assurance and security standards.
2. Develops and implements information assurance/security standards and procedures.
3. Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers' requirements.
4. Identifies, reports, and resolves security violations.
5. Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
6. Supports customers at the highest levels in the development and implementation of doctrine and policies.
7. Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
8. Performs analysis, design, and development of security features for system architectures.
9. Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
10. Designs, develops, engineers, and implements solutions that meet security requirements.
11. Provides integration and implementation of the computer system security solution.
12. Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
13. Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
14. Ensures that all information systems are functional and secure.

Question: Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement?
Question: Please list the candidate's email address that will be used when submitting the E-RTR.
Question: This position is designated to require enhanced suitability by the DC Government. This will require a fingerprint background check. The candidate must complete all compliance items and be ready to work within 21 days of the engagement request. Do you accept this requirement?
