SOC Analyst in Lanham, MD at APEX Systems

Date Posted: 10/19/2019

Job Description

Job #:  1001124
If interested, please send over an updated resume in WORD format to mkleiman@apexsystems.com
Description:
  • The Information Security Analyst is part of a fast-paced, highly skilled team that analyzes real-time event data to detect, analyze and respond to security incidents.
  • The individual will need to document and communicate effectively with customers and internal teams, assist in the investigation of events, and follow up with corrective actions and reporting.
  • The individual should have an investigative mindset that allows them to think outside the box about why events are occurring and provide a rapid, but accurate, response to emerging threats and trends.
  • The candidate needs to be motivated to learn about new exploits and vulnerabilities and to communicate new threats to peers and leadership.

Position Objectives:
  • Perform real-time analysis of events and execute notifications and escalations within 60 minutes of event occurrence.
  • Perform analysis and incident handling 24x7x365 (includes holidays).
  • Produce complete and accurate documentation of incident handling and analysis, leaving nothing to interpretation.

Essential duties:
  • Review and respond to real-time technical information security events and manage incidents.
  • Document trends and events in a database for tracking.
  • Be excited about security and interested in communicating, documenting and speaking about security events and incidents.

Required skills:
  • Confident and effective communication skills regarding security concerns, issues and events.
  • Technical skills across a broad range of network, command-line scripting, computing, storage, and encryption methodologies.
  • In-depth understanding of the IP protocol stack, troubleshooting experience, and solid experience reading network packet captures.
  • Understanding of and applied experience with *NIX and Microsoft operating system platforms.
  • Experience and ability to conduct detailed network forensic analysis across multiple devices and operating systems.
  • Experience programming in shell scripts, Perl, Ruby, or Python, along with the ability to understand, modify, and compile some source code for intrusion testing and developing defensive measures.
  • Experience analyzing events from Intrusion Detection Systems (Snort, Sourcefire, Cisco, etc.), firewall logs (ASA, Checkpoint, iptables, etc.), and system logs (Event Logs, Security, syslog, etc.).
  • Conduct internal and external incident response functions, coordinating with outside agencies to provide detailed reports on the results of findings and analysis.
  • Strong oral and written communication ability to crisply and effectively communicate with customers.
  • Desire and ability to maintain focus while analyzing complex events and logs.

Education:
Education or Equivalent Experience: Certification or specialized training desired:
  • SANS GCIA, GCIH, GCED and/or GCFA certifications preferred.
  • tcpdump/Wireshark/TCP/IP analysis, IDS (Snort/Sourcefire).
  • Incident handling and response.
  • Training in or knowledge of NIDS, Tripwire, Snort, Sourcefire.
  • Bachelor's Degree in Computer Science, Computer Engineering or Mathematics and 5 years of professional IT security analysis experience, or 8 years of professional IT security analysis experience.

Qualifications:
  • Historical experience with daily monitoring of vendor and other security alerts (CERT, SANS, BugTraq).
  • Experience writing intrusion detection signatures for Snort and other Network Intrusion Detection Systems.
  • Experience and knowledge of modern encryption methods and their implementation in web and internet-based security systems.
  • Ability to train and present security events and incidents to all levels within the organization.
  • Experience dealing with network abuse issues.
  • Basic navigation and querying in Splunk.
  • Utilize creative methods to monitor, identify and mine trends and incidents within extremely large datasets using statistical and/or automated approaches.
  • Support an environment of learning and sharing with other analysts and security professionals within the organization on attack trends.
  • Write white papers or build presentations that can be published or presented internally or to external entities.

EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178-6178.