Sr. SOC Analyst

Apex Systems Vienna, VA

As a SOC Analyst you will directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response. The analyst will also work with other analyst staff on the development and enhancement of existing detection and response capabilities, including creation of SIEM content, IDS rules, and SOP documentation, and implementation of incident response methodologies.

Responsibilities:

  • General SIEM (Splunk) monitoring, analysis, content development, and maintenance
  • Research, analysis, and response for alerts; including log retrieval and documentation
  • Conduct analysis of network traffic and host activity across a wide array of technologies and platforms
  • Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management
  • Process abuse inbox emails (spam, phishing, etc.)
  • Process tickets assigned to the SOC/CSIRT group
  • Maintain strong standards, and promote productivity, accountability and high morale
  • Influence and improve upon existing processes through innovation and operational change
  • Ensure the SOC analyst team is providing excellent customer service and support
  • Track threat actors and associated tactics, techniques, and procedures (TTPs)
  • Capture intelligence on threat actor TTPs
  • Develop countermeasures in response to threat actors
  • Analyze network traffic (packet capture) and logs
  • Analyze IDS/IPS events
  • Analyze malicious campaigns and evaluate effectiveness of security technologies
  • Develop advanced queries and alerts to detect adversary actions
  • Coordinate with engineering teams to implement developed analytics

Required Qualifications:

  • 5+ years of SOC or MSSP experience
  • 3+ years of Splunk experience
  • Bachelor’s degree or higher in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems, etc.
  • Relevant security certifications (CISSP, GCIA, GCIH, GREM, CEH, etc.)
  • Strong analytical and investigation skills
  • Working knowledge of security architectures and devices
  • Working knowledge of threat intelligence consumption and management
  • Working knowledge of root causes of malware infections and proactive mitigation
  • Working knowledge of lateral movement, footholds, and data exfiltration techniques
  • Experience working in fast-paced environments, and ability to manage workload even during times of stress or escalated activity
  • Experience and knowledge of packet flow, TCP/UDP traffic, firewall technologies, IDS technologies, proxy technologies, and antivirus, spam and spyware solutions
  • Convert intelligence into actionable mitigation and technical control recommendations

Preferred Qualifications:

  • Experience with active threat hunting and adversary tracking
  • Experience as a government contractor
  • Perform memory analysis
  • Host-based forensic investigation and analysis
  • Perform malware analysis
  • Experience with computer exploitation methodologies

Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [Click Here to Email Your Resumé] or 844-463-6178.