
Senior Security Analyst, SOC
UltraViolet Cyber
full-time
Posted on:
Location Type: Office
Location: Herndon • Virginia • 🇺🇸 United States
Salary
💰 $80,000 - $120,000 per year
Job Level
Senior
Tech Stack
AWS, Azure, Cloud, DNS, Firewalls, Linux, Oracle, SMTP, Splunk, SQL
About the role
- Monitor and analyze security events and alerts reported by the SIEM on a 24x7 basis to identify and investigate suspicious or malicious activity
- Work as part of a large team that rotates 3x12 or 4x12 hour shifts
- Analyze logs and events from traditional and non-traditional device feeds (e.g., HR data, badging information, physical security devices)
- Provide documentation detailing any additional information collected and maintained for each security investigation
- Record all artifacts (emails, logs, documents, URLs, screenshots, etc.) associated with security events and incident investigations within the SOC incident and tracking application
- Coordinate and escalate incidents as appropriate and maintain incident records
- Perform analysis across OS, network, and cloud environments to determine incident scope and impact
- Work onsite 5 days per week in Herndon, VA and support Federal and Commercial clients
Requirements
- Active US Secret Security Clearance
- 5+ years of experience working in a Security Operations Center (SOC) or Network Operations Center (NOC) environment performing security event monitoring and analysis
- Working knowledge of various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks
- Working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS)
- Familiarity with adversarial tactics, techniques, and procedures (TTPs)
- Must be capable of analyzing security logs and events from devices including Firewalls, IDS/IPS, HIDS/HIPS, proxy/web filters, vulnerability scans, routers, NetFlow, VPN gateways, server event logs, e-mail and host anti-virus, desktop security monitoring agents, anti-virus servers, DNS/DHCP services, NAT devices, MDM (e.g. cellphones), PKI, and cloud security infrastructure (e.g. AWS, Azure, Oracle, Salesforce)
- 8570 Certification(s): Security+ or equivalent
- Clearance Requirements: Secret Clearance
- High school diploma needed
- Must be legally allowed to work in the US, and the work must be done in the US
- Requires 5 days onsite per week in Herndon, VA
- Rotate 3x12 or 4x12 hour shifts
- No third-party candidates will be considered
- Preferred: Security+, GCIH, CEH, or CYSA+
- Preferred: Experience with Splunk query language
- Preferred: Experience with IDS/IPS/firewall/security configurations and signature development
- Preferred: Experience with PCAP analysis
- Preferred: Experience with Tanium threat response
- Preferred: Experience working with a ticket management system to collect, document and maintain information pertinent to security investigations and incidents
- Preferred: Excellent verbal and written communication skills and the ability to produce clear and thorough security incident reports and briefings
- Preferred: Experience in monitoring the operational status of monitoring components and escalating and reporting outages
- Preferred: Conceptual understanding of Windows Active Directory
- Preferred: Experience with SIEM platforms that perform log collection, analysis, correlation, and alerting
- Preferred: Experience with identification and implementation of counter-measures or mitigating controls
- Preferred: Experience collecting and maintaining information pertinent to security investigations and incidents in an analyzable format
Benefits
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security event monitoring, log analysis, incident investigation, network communications, routing protocols, adversarial tactics, security log analysis, PCAP analysis, counter-measures implementation, cloud security
Soft skills
communication skills, documentation skills, team collaboration, incident coordination, analytical skills
Certifications
Security+, GCIH, CEH, CYSA+, 8570 Certification