SOC Analyst Junior

ECS is seeking a SOC Analyst JR to work in our Windsor Mill office. 

• Perform hunting for malicious activity across the network and digital assets 

• Respond to computer security incidents and conduct threat analysis 

• Identify and act on malicious or anomalous activity 

• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network 

• Perform detailed investigation and response activities for potential security incidents 

• Provide accurate and priority driven analysis on cyber activity/threats 

• Perform payload analysis of network packets 

• Recommends implementation of counter-measures or mitigating controls 

• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment 

• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity 

• Create and continuously improve standard operating procedures used by the SOC 

• Resolve or coordinate the resolution of cyber security events 

• Monitor incoming event queues for potential security incidents 

• Create, manage, and dispatch incident tickets 

• Monitor external event sources for security intelligence and actionable incidents 

• Maintain incident logs with relevant activity 

• Document investigation results, ensuring relevant details are passed to SOC Lead, Incident Management team and stakeholders 

• Participate in root cause analysis or lessons learned sessions 

Salary Range: $61,010.00 - $74,568.00
General Description of Benefits: Benefits Link

• 1 year of experience in Information Technology 

• Familiarity with US-CERT Federal Incident Notification Guidelines  

• Familiarity with Splunk Enterprise, Enterprise Security, and SOAR products 

• Familiarity with CrowdStrike, TrendMicro and McAfee host-based solutions 

• Knowledge of log, network, and system forensic investigation techniques 

• Experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, or intrusion prevention/detection logs 

• Experience conducting intelligence driven defense utilizing the MITRE ATT&CK framework and Cyber Kill Chain (CKC) 

• Knowledge base of operating systems, network protocols, system administration, and security technologies 

• Knowledge of TCP/IP Networking and the OSI model 

• Experience monitoring threats via SIEM console 

• Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems  

• Strong customer service skills and decision-making skills  

• Ability to develop knowledge of client infrastructure