Junior Cyber Operations Analyst with Security Clearance
Falconwood Inc.
2024-11-05 11:39:17
Washington, District of Columbia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
We have an immediate opening for a senior Cyber Security Operations Center (SOC) Analyst to support the Navy Enterprise Business Solutions program office. The SOC Analyst will use Splunk Enterprise Security in a large enterprise environment, write Splunk scripts for events filtering and analysis, and work with operating system administrators in support of alert/incident response for a major SAP/ERP system. Will use Splunk Enterprise Security in a large enterprise environment and write Splunk scripts for events filtering and analysis Work with operating system administrators in support of Alert/Incident response Identify communications paths as it relates to alert/incident investigations Understand TCP/IP (IPv4, IPv6) along with related protocols and technologies (HTTP, FTP, SSH, NFS, DNS, NTP, FTP, DHCP, SMTP, SSL, etc.) Requires understanding of routing protocols, proxies, and firewalls Will maintain documentation of processes, procedures and configurations related to maintaining applications Requires knowledge of forensics, network analysis, log analysis, systems hardening, encryption technologies, certificates, mobile, and web application security Assist in proactively developing security best practices procedures and processes within the security operations team Will write situational analyses for high-risk threats and suggest appropriate courses of action for remediation Will document all activities during an incident/investigation and provides leadership with status updates during the life cycle of the incident/investigation Requires theoretical knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling) The candidate will have the knowledge, skills and abilities required to write scripts (bash, shell, perl, python, etc ) and write regular expressions The candidate will have knowledge of Operating System audit events to include Windows and Linux. The candidate will have knowledge of Database audit events to include Oracle, MS SQL, Sybase, and HANA. The candidate will have hands-on IT experience to include server build, ldap, and an understanding of Encryption Algorithms and PKI authentication implementation. The candidate must have an active SECRET security clearance and ability to gain a favorably adjudicated T5 background investigation The candidate must have a bachelor's degree in Software Engineering or related field The candidate must be certified to meet IAT Level 1 CSWF requirements (i.e.: Isc2's CISSP) The candidate must have completed the Splunk Enterprise Security User and/or Splunk Enterprise Security Administrator courses. The ideal candidate must have 1 to 3 years of experience Working in a cybersecurity operations environment maintaining the security of enterprise level systems Working as a Systems/Network Administrator As a User or Administrator of a Splunk Enterprise Security (ES) implementation In a Security Operations Center (SOC) environment The candidate must have familiarity with SIEM tools, monitoring tools and automated security assessment tools. Must be proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook Must be capable of performing effectively individually and as part of a team Must have effective critical thinking and problem-solving skills Must have strong oral and written communication skills Must be able to manage time and be on time to meetings Experience with Agile and/or DEVSECOPS a plus SAP and/or ERP experience a plus