SOC Analyst Tier 3 - Military veterans preferred

2020-02-05
SAIC (www.saic.com)
Other

Full-time employee


Cookeville
Tennessee
United States

Description

About SAIC
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training.

Position Summary
SAIC is seeking a Senior SOC Analyst (Tier 3) to join our team providing Security Operations Services for a major state & local government customer located in Texas. This position reports to our Threat Intelligence Director and is a member of the 24x7 security operations team. This senior analyst will be primarily accountable for the investigation and management of escalated events and incidents from Tiers 1 and 2, and for collaboration with other technical support teams in the investigation, remediation and prevention of cybersecurity threats. Primary job responsibilities include:
  • Manage escalations for cybersecurity events and incidents received from Tier 1 & 2 staff
  • Provide detailed analysis of security events and investigations
  • Coordinate and collaborate with peer technical teams for the investigation, remediation and implementation of preventative measures for cybersecurity events and incidents
  • Act as a team supervisor for SOC operations staff
  • Perform efficiency analysis and tuning for SIEM tools including event rules and filtering, reporting, and rule management
  • Provide coaching, training, and support development of documentation for Tier 1 staff
  • Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities
  • Triage events and investigate to identify security incidents
  • Log security incidents in the IT ticketing system
  • Manage security incidents throughout their lifecycle to closure
  • Receive input from threat intelligence sources and analyze events to identify threats and risks
  • Provide support for routine reporting
  • Support ad-hoc data and investigation requests
  • Conduct security and vulnerability scans as directed using established processes

Qualifications

Experience, Education and Certification
Required:
  • 4 years of experience as a SOC analyst, including use of a SIEM tool, event triage and incident management
  • SIEM tuning and administration
  • Work in a team environment
  • AA Degree in related discipline and nine (9) years related experience; OR, High School and eleven (11) years related experience with relevant certification.
  • Relevant cybersecurity experience including SIEM operations, event management and incident management
  • Cybersecurity certification (e.g. CompTIA Security+, CISSP, CEH, etc.)
  • Experience with SIEM tools (Splunk)
  • Excellent oral and written communication skills
  • Experience with Microsoft Office including Word and PowerPoint

Desired Qualifications

 
Preferred:
  • Experience with ITIL, ITIL certification
  • Experience with reporting and reporting tools.