Job Description

Role: Senior Security Operations Center Analyst III

Location: Remote

Duration: Long Term Contract

Role Description:

The Security Operations Center Analyst III position will be a member of a dedicated security team within IBM Consulting Federal. In this role, the SOC analyst will support a dedicated 24x7x365 operation for a federal program. The SOC Analyst will provide in-depth analysis of potential security events / anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analyst. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where and why of a potential security event. When required, the SOC Analyst will assist to coordinate the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents. The SOC Analyst will support regular reviews and updates of security documentation. The SOC Analyst will conduct proactive threat hunting to identify and mitigate potential risks.



Specific Job Duties Include:

• Perform alternating shift work on a 24x7x365 Security Monitoring, Analysis and Response.
• Support incident investigations, response, and reporting.
• Security Reporting.
• Vulnerability Analysis.
• SOC ticket queue management.
• Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
• Security documentation review and updates.
• Proactive threat hunting.

Position Requirements:

• Bachelors + minimum 7 years of relevant work experience.
• 5+ years of experience working in a 24x7x365 SOC environment.
• Analyzing system and network logs for security events, anomalies, and configuration issues.
• Experience working with SIEM technology to monitor and manage security events.
• Background in incident response, system/network operations and threat intelligence.
• Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability scanners, and Threat Intelligence Platforms.
• Understanding of enterprise environments, specifically cloud-based and hybrid cloud environments.
• Understanding of common cyber intrusion frameworks such as Cyber Kill Chain, Diamond Model, MITRE ATT&CK with the ability to train others.
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
• Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc.
• 5+ years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
• Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell.
• Experience in two or more of these specialized areas: Insider Threat, Digital media forensic, Monitoring and detection, Incident Response.
• Security +, CEH, CFR, CCNA Cyber Ops , CCNA-Security, CySA+ **, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+.
• Understanding and experience with Federal Security Standards such as NIST and DoD.
• Understanding and experience with FedRAMP Cloud Security Requirements .

Level of Experience & Preferred Education:

• 7 years of professional experience, or more.
• Bachelor's degree, or higher.

Job Tags

Similar Jobs