Cybersecurity SOC Analyst Tier II
Posted on Jun 14, 2019 by Perspecta
Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects works tirelessly to create innovative solutions. We continually push ourselves: to respond, to adapt, to go further, to look ahead to the changing landscape and develop new and innovative ways to serve our customers.
Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways, not only through competitive salaries and benefits packages but also through the opportunity to create a meaningful impact in jobs and on projects that matter.
Perspecta's talented and robust workforce, 14,000 strong, stands ready to welcome you to the team. Let's make an impact together.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories
The Perspecta Cyber Security Team is looking for a Tier II Senior Cyber Security Analyst to join our team.
- Develop IDS/IPS and SIEM content and rules
- Perform analyst activities using security devices such as QRadar SIEM (or similar), packet capture, forensics, Proofpoint, IPS, firewalls, endpoint security, and FireEye
- Perform Computer Security Incident Response activities for a large organization, coordinate with other enterprise IT teams to record and report incidents. Work incidents from cradle to grave
- Conduct forensics and investigations as needed using security tools such as Proofpoint, SIEM, and EnCase
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
- Investigate, interpret, and respond to technical and/or complex IT security data
- Minimum 8 years with BS/BA or 6 years with MS/MA degree
- Must have active TS/SCI w/CI Poly.
- Comprehensive knowledge and mastery of this field and the ability to complete difficult and complex assignments on time within a fast-paced environment
- Demonstrated ability to work with matrixed resources in a team environment.
- Experience implementing Security Information and Event Management (SIEM) products such as QRadar and Splunk in a complex network environment and assisting security analysts in building operational processes around the SIEM ecosystems
- Engineering related certifications, extensive experience with IT security tools, working technical knowledge of network, server, storage and desktop hardware and software
- Expert-level skills in Incident Response and Intrusion Monitoring
- Must have a strong foundation of Network and Security skills, fundamental knowledge of Windows, Linux and Cisco operating systems, networking protocols and network traffic analysis.
- Excellent analytical, communication and problem-solving skills as well as interpersonal skills to interact with users, team members and senior management; subject matter.
- Must be capable of working with a security team of varying experience levels to effectively monitor and investigate security incidents as well as make recommendations to improve the security posture of a large organization.
- Independent tasking and project completion with little supervision is a must!
- Certifications include: CISSP, GREM, GCIH, GCIA, CEH, GCED, GCFA, OSCP
- Technical certifications
- Prior experience successfully providing the full range of IT cyber security tasks.
- Strong working knowledge with industry IT security tools
- Able to work independently and complete projects with little supervision