TIER III SOC ANALYST
Secret Security Clearance
Certifications are required for each position posted
All Tier 3 Analyst candidates shall have a minimum of seven (7) years of professional experience in incident detection and response, malware analysis, or cyber forensics, or a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field and a minimum of five (5) years of experience in incident detection and response, malware analysis, or cyber forensics. The candidates must have extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with counterintelligence and law enforcement investigations.
Of the seven (7) years of professional experience requirements above, Tier 3 Analyst candidates shall have the following specialized experience for their position:
Monitoring and Detection Analyst
Shall have a minimum of five (5) years of professional experience in security, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP), Encryption, Two-Factor Authentication, Web-filtering, and Advanced Threat Protection.
Incident Response Analyst
Shall have a minimum of five (5) years of professional experience responding to information system security incidents. Ability to use the DHS furnished toolset to identify and determine root causes of incidents and provide any required documentation and possible evidence to security investigators.
Vulnerability Assessment Analyst
Shall have at least five (5) years of professional experience in vulnerability assessment and penetration testing.
Cyber Intelligence Analyst
Shall have at least five (5) years of professional experience in collecting, synthesizing, fusing, or authoring unclassified and classified cyber threat intelligence products.
SOC Tool Engineering, Operations and Maintenance
Shall have at least three (3) years of professional experience in incident detection and response, and at least three (3) years of experience in system administration, database administration, network engineering, software engineering, or software development, and a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
(a) Provides analysis related to the design, development, and integration of hardware, software, man-machine interfaces and all system level requirements to provide an integrated IT solution.
(b) Develops integrated system test requirements, strategies, devices and systems.
(c) Directs overall system level testing.
(a) Serves as subject matter specialist providing testing know-how for the support of user requirements of complex to highly complex software/hardware applications.
(b) Directs and/or participates in all phases of risk management assessments and software/hardware development with emphasis on analysis of user requirements, test design and test tools selection.
Computer Forensic & Intrusion Analyst
(a) Provides knowledge in computer and network forensics.
(b) Conducts vulnerability assessments/penetration tests of information systems.
(c) Develops, researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption.
(d) Identifies, deters, monitors, and investigates computer and network intrusions.
(e) Provides computer forensic support to high technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
Addendum: Shall have at least three (3) years of professional experience in technical Cybersecurity, and a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field. The candidates shall support Red Team efforts conducting covert focused target penetration testing of US Government installations through focused threat-based methodologies as a simulated adversary to expose and exploit vulnerabilities to improve the Cyber Readiness of infrastructure, Services, and Agencies. Candidates shall develop attack vectors, conduct reconnaissance, collect open-source intelligence, enumeration, and footprinting of target networks and services, and develop exploit payloads and system backdoors. Candidates shall provide support to the government customer in Red Team penetration testing using tools and techniques to conduct Cyber vulnerability and penetration testing of exercise and test events. Candidates shall participate in event planning stages to develop Cyber assessment plans and conduct no-notice penetration tests against network infrastructure and applications.
Email Security Analyst
Candidates shall have a minimum of five (5) years of professional experience in email security, which includes identification of phishing attempts, malware detonation, and knowledge of the DHS SOC email analysis toolset.
Duration: 1 year contract
Education: Undergraduate Degree
Bachelor's and/or years of experience.
GPEN - Penetration
GWAPT - Web Application Penetration Tester
GISF - Security Fundamentals
CISSP - Certified Cloud Security Professional
CISSP - Certified Information System Security (Preferred)