SOC Analyst Tier III

Jacobs Engineering Washington, MA
"Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting edge cyber threat awareness and cybersecurity solutions; innovative web- and software applications development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.

Our forward thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation's most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.

Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.

We continue to thrive and need your talent and motivation to help propel us farther, faster."

Jacobs National Security Solutions (NSS) is looking for a Tier III Analyst to provide Onsite and Offsite support in Washington, DC/Reston, VA. Duties include:

* Perform "Deep Dive" analysis on system security incidents, vulnerabilities and associated risks

* Collect and analyze operational reporting data requirements and products

* Identify cyber security issues and concerns, develop recommendations, and draft supporting correspondence

* Provide senior leadership and coordinate development of new procedures. Provide comprehensive reviews of Incident Response activities, identify realms of improvement, and engage resources to implementation.

* Support development of future doctrinal, operational, and technological solutions.

* Candidate will provide expert knowledge and experience toward concept development, analyses, and recommendations

* Must have direct experience with Security Information and Event Management (SIEM), vulnerability assessment frameworks, Infrastructure detection and discovery techniques, configuration and deployment of Intrusion Detection and Prevention Systems (IDS/ IPS), host-based and network-based firewalls, host-based and network-based forensics frameworks, and utilization of penetration

testing techniques and tools to actively secure organizational assets

* Working knowledge of any of the following tools is required: Splunk, Riverbed, McAfee ePO, Symantec Endpoint, RSA Security Analytics, Wireshark, Carbon Black, Tenable Security Center, ForeScout, or other information security tools.

* Work closely with the other teams to assess risk and provide recommendations for improving our security posture

* The ability to take lead on incident research when appropriate and be able to mentor junior analysts

* Ability to fully coordinate Incident Response activities across a team of multiple analysts with little to know supervision from management.

* Conduct research on emerging security threats

* Supports SOC analysis, handling and response activity

* Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents

* Author Standard Operating Procedures (SOPs), standards and guidances

* Lead on training documents and exercises

* Must be able to obtain and maintain a Public Trust security clearance

* Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus eight (8) to twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certifications.

* Minimum of 10 years of Information Technology Security with a Bachelor's Degree and security operations center or incident response experience or equivalent military experience. Minimum of at least 3 years of information security operations center or incident response experience. Self-motivated and able to work in an independent manner

* Must have at least one (1) certification in the field of information security from a respectable security organization. Desirable certifications include, but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security) or equivalent Certifications.

* Candidate must be willing to work an 8:30 to 5 PM shift on site, Mon – Fri

* Preferred qualifications:

* Deep packet and log analysis

* Forensic and Malware Analysis experiences

* Cyber Threat and Intelligence gathering and analysis

* 1-2 years in an established SOC leadership role mentoring junior analysts

* Use Case creation and implementation into project timelines

* Experience reporting to C-level executives on SOC Operations, Incident Response efforts, and developing projects.

Essential Functions

Physical Requirements:

Most work will be done at a desk or computer.

Work Environment:

General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Multiple tasks & duties will need to be accomplished without any single duty falling behind or becoming neglected. Must effectively communicate and be communicated with by other team members. Must be able to represent and speak to current group efforts at any given time.

Equipment & Machines:

General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.

Attendance:

Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.

Other Essential Functions:

Must be able to communicate effectively both verbally and in writing

Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.

Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check. Must be a US citizen.

#cjpost