SOC Analyst

Job Title: SOC Analyst Location: Ashburn, VA (Remote) Experience: 2+ Entry Level Work Authorization: USC, GC and EAD Job Details: Supporting the Cyber Defense Operations Center (CDOC) team, provide event triage, response, and log analysis, including: • Triage events and alerts to determine if an incident has occurred including locating owners of assets, validating if an event was a true positive, and escalating incidents as necessary to the Incident Response team (CSIRT) • Perform rapid response and triage of security reports from Cybercrime and other teams, appropriately investigating, containing, escalate based on the determination, and ticket closure • Perform thorough analysis on email phishing reports and threats. Ensure appropriate containment & eradication is performed based on the threat perceived & documented guidance • Facilitate communication and collaborate with internal teams, management, and external stakeholders to provide timely updates on incident progress • Perform basic forensic examinations on hosts and support CSIRT on response tasks when engaged • Create recommendations and requirements for content detection and response 2 Demonstrate solid understanding & experience with security controls/tooling used by CDOC, including: • Splunk and Elasticsearch (SIEM/Logging) • Splunk SOAR (Case Management) • Endpoint Security: Microsoft Defender for Endpoint, CrowdStrike, Wazuh, & Tanium • Network Security: Netskope SWG and CASB, Palo Alto IPS, CloudFlare WAF, Extrahop, & NetWitness • IAM: Azure AD • Intermediate knowledge of Public Cloud environments to support AWS & GCP threat response 3 Strong understanding of networking & a variety of IT systems, apps, & their operational configurations 4 Knowledge of Threat Actor tactics, techniques, and procedures (TTPs), log analysis, network traffic analysis, and analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise 5 Strong oral & written communication abilities to engage with internal stakeholders within & outside of InfoSec 6 Roles will support 8-hour work shifts (during the day) 7 Roles may require overtime, on-call, & weekend coverage (shift rotation) from time-to-time Apply tot his job