831-Security Operations Center (SOC) Analyst - Military veterans preferred

2018-11-23
Frontier Technology, Inc. (www.fti-net.com)
Other



San Antonio
Texas
United States


Position: 831-Security Operations Center (SOC) Analyst
Type: Full Time
Location: San Antonio, Texas

FTI is currently looking for a Security Operations Center (SOC) Analyst in the San Antonio, TX area as follows:

Primary Responsibilities

This position will perform multiple duties as a member of the Air Force’s Security Operations Center (SOC) Incident Management/Continuous Monitoring Section, ensuring all A1 Virtual Data Center (VDC) related security events and incidents are analyzed, tracked, resolved, documented, and reported in accordance with (IAW) DoD and AF incident response directives.

  • Provides technical expertise in the implementation and use of cyberdefense tools and processes used to maintain the security of the A1 VDC in a commercial cloud environment.
  • Develops and oversees standard operating procedures (SOPs) and tactics, techniques and procedures (TTPs) for all functions performed by the SOC Incident Management/Continuous Monitoring Section, to include Service Desk Operations; Incident Response; Incident Reporting; Enhanced Data Encryption; Cyber Protection Condition (CPCON) Operations; Threat Investigation and Analysis; Continuous Monitoring; Log Management; Notifications; Service Level Agreement Management; Disaster Recovery; Change Control; and Vulnerability Management.
  • Analyzes security and compliance logs daily from multiple sources (e.g. Web Application Firewalls, Splunk) as provided by the A1 VDC Managed Services Provider (MSP).
  • Determines response actions and reports to the Tier 2 Cybersecurity Service Provider (CSSP) IAW DoD and AF reporting requirements.
  • Processes and analyzes Mission Tasking Orders (MTOs) and Time Compliance Network Orders (TCNOs).
  • Reviews and analyzes performance and usage metrics, dashboards and other reports provided by the MSP.
  • Directs MSP response actions for any and all suspicious activity.

Requirements

  • BS degree preferred; 10-15 years of experience
  • DoD 8570 IAT Level II certification (e.g. Security+ CE)
  • Experience in a NOC/SOC environment
  • Experience with incident handling, customer issue resolution and forensics
  • Ability to develop and maintain actionable content (searches, alerts, dashboards) for SOC operations
  • Splunk experience required
  • ACAS, HBSS, AppDynamics and ServiceNow experience preferred
  • Ability to customize the SIEM platform to support advanced searching, forensics and analytics, and to advance creative solutions to complex problems
  • Ability to obtain and maintain a government security clearance