SOC Analyst II - Military veterans preferred

2021-06-08
SAIC (www.saic.com)
Other

Full-time employee


Oak Ridge
Tennessee
United States

Description

SAIC is seeking a SOC Analyst (Tier 2) to join our team providing Security Operations Services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7 security operations team. This is an experienced, mid-level role. Primary job responsibilities include:

  • Manage escalations for cybersecurity events and incidents received from Tier 1 staff
  • Provide detailed analysis of security events and investigations
  • Provide coaching, training, and support development of documentation for Tier 1 staff
  • Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities
  • Triage events and investigate to identify security incidents
  • Log security incidents in the IT ticketing system
  • Support forensic acquisition and analysis of evidentiary data
  • Utilize advanced threat hunting techniques, tools, and procedures to identify risks to the environment
  • Manage security incidents throughout their lifecycle to closure
  • Coordinate with other, remote technical teams to investigate, document, and resolve issues
  • Make recommendations for ongoing tuning and updates to the SIEM system
  • Receive input from threat intelligence sources and analyze events to identify threats and risks
  • Provide support for routine reporting
  • Support ad-hoc data and investigation requests
  • Conduct security and vulnerability scans as directed using established processes

Qualifications

Required:

  • 2 years of experience as a SOC analyst, including use of a SIEM tool, event triage, and incident management
  • Bachelor’s degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, etc.) and five (5) or more years of relevant experience. Alternatively, a Master’s degree in a relevant field of study and three (3) or more years of relevant experience.
  • Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management
  • Excellent oral and written communication skills
  • Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors
  • Experience with Microsoft Office including Word and PowerPoint
  • Cybersecurity certification (e.g. CompTIA Security+, CISSP, C|EH, etc.)

 

Preferred:

  • Experience with ITIL, ITIL certification
  • Experience with SIEM tools (e.g. Splunk)
  • Experience with Forensic tools (e.g. EnCase)
  • Experience with reporting and reporting tools

Target salary range: $75,001 - $85,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.