Job Information
BCMC Senior SOC Analyst in Arlington, Virginia
The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and communications infrastructure. HIRT provides DHS’s front line response for cyber incidents and proactively hunting for malicious cyber activity. BCMC performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches. BCMC provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. BCMC is seeking a Senior SOC Analyst to support this critical customer mission.
Responsibilities:
Assisting Federal team leads with establishing and operating a Security Operations Center responsible for securing highly dynamic environment supporting Incident Response and Threat Hunting experts
Configuring and monitoring Security Information and Event Management (SIEM) platform for security alerts.
Scanning and monitoring system vulnerabilities on servers and infrastructure devices using a Threat and Vulnerability security solution; coordinating artifact collection operations.
Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
Collects network intrusion artifacts (e.g., PCAP, domains, URI’s, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
Collects network device integrity data and analyze for signs of tampering or compromise
Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, effects on system and information
Characterize and analyze artifacts to identify anomalous activity and potential threats to resources
Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
Research and test new security tools/products and make recommendations of tools to be implemented in the SOC environment
Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer related evidence
Distilling analytic findings into executive summaries and in-depth technical reports
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Required Skills:
U.S. Citizenship
Must have an active Secret clearance, TS/SCI preferred
Must be able to obtain DHS Suitability
Must demonstrate being a self-starter and give examples of leadership in customer-facing roles
8+ years of directly relevant experience in security operations using leading edge technologies and industry standard tools
Experience with the analysis and characterization of cyber attacks
Skilled in identifying different classes of attacks and attack stages
Knowledge of system and application security threats and vulnerabilities
In depth knowledge of CND policies, procedures and regulations
In depth knowledge and experience of network topologies
DMZ’s, WAN’s, etc. and use of Palo Alto products
In depth knowledge and experience of Wifi networking
In depth knowledge of TCP/IP protocols such as ICMP, HTTP/S, DNS, SSH, SMTP, SMB,
Experience using Elastic SIEM
Experience with vulnerability assessment and monitoring tools such as Security Center, Nessus, and Endgame - Experience with reconstructing a malicious attack or activity based on network traffic
Experience incorporating Threat Intelligence
Experience with Crowdstike, Gray Noise and Shodan
Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
Must be able to work collaboratively across physical locations.
Desired Skills:
Proficiency in Elastic SIEM engineering
Proficiency with Snort
Proficiency with other EDR Tools (Crowdstrike, Carbon Black, Etc)
Proficiency with network analysis software (e.g. Wireshark)
Proficiency with carving and extracting information from PCAP data
Proficiency with non-traditional network traffic (e.g. Command and Control)
Proficiency with preserving evidence integrity according to standard operating procedures or national standards - Proficiency with designing cyber security systems and environments in a Linux
Proficiency with virtualized environments
Proficiency with conducting all-source research.
Required Education: BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics and network forensic experience
Desired Certifications:
GSOM, GSOC, GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA
Our Company Overview:
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.
Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vison coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave
Our Company Overview:
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.
Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vison coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave
HBA04
ESS-3168
Powered by JazzHR