Senior SOC Analyst - Military veterans preferred

2021-05-18
SAIC (www.saic.com)
Other


Full-time employee


Oak Ridge
Tennessee
37830
United States

Description

Position Summary

SAIC is seeking a Senior SOC Analyst (Tier 3) to join our team providing Security Operations Services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7 security operations team. This senior analyst will be primarily accountable for the investigation and management of events and incidents escalated from Tiers 1 and 2, and for collaboration with other technical support teams in the investigation, remediation and prevention of cybersecurity threats. Primary job responsibilities include:

  • Manage escalations for cybersecurity events and incidents received from Tier 1 & 2 staff
  • Provide detailed analysis of security events and investigations
  • Coordinate and collaborate with peer technical teams for the investigation, remediation and implementation of preventative measures for cybersecurity events and incidents
  • Act as forensic investigations subject matter expert
  • Utilize advanced threat hunting techniques, tools, and procedures to identify risks to the environment
  • Perform efficiency analysis and tuning for SIEM tools including event rules and filtering, reporting, and rule management
  • Provide coaching, training, and support development of documentation for Tier 1 and 2 staff
  • Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities
  • Triage events and investigate to identify security incidents
  • Log security incidents in the IT ticketing system
  • Manage security incidents throughout their lifecycle to closure
  • Receive input from threat intelligence sources and analyze events to identify threats and risks
  • Provide support for routine reporting
  • Support ad-hoc data and investigation requests
  • Conduct security and vulnerability scans as directed using established processes

 

Qualifications

Experience, Education and Certification

Required:

  • 4 years of experience as a SOC analyst, including use of a SIEM tool, event triage, and incident management
  • SIEM tuning and administration
  • Work in a team environment
  • Bachelor’s degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, etc.) and five (5) or more years of relevant experience. Alternatively, a Master’s degree in a relevant field of study and three (3) or more years of relevant experience.
  • Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management
  • Cybersecurity certification (e.g. CompTIA Security+, CISSP, CEH, etc.)
  • Experience with SIEM tools (e.g. Splunk)
  • Experience with Forensic tools (e.g. EnCase)
  • Excellent oral and written communication skills
  • Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors
  • Experience with Microsoft Office including Word and PowerPoint

 

Preferred:

  • Experience with ITIL, ITIL certification
  • Experience with reporting and reporting tools

 

This role is temporarily remote and will require work on site in either Oak Ridge, TN or Cookeville, TN. 


Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.