ABBTECH Professional Resources, Inc. SOC Analyst in Washington, District Of Columbia
DC-based cyber team is tasked to support a federal customer located in Washington, DC. The team works 24/5 M-F, so shift (day) schedule may vary and can be discussed with management for optimal arrangement. Candidates must be proficient in Splunk queries and be an experienced analyst. They do not have to be a true subject matter expert, but that is the only labor category available to us corresponding to a specialty analyst role. As part of our high-performing team you will perform the following duties:
- The team will hunt for malicious activity using the following sources and tools:
  - Network traffic and logs
  - Web server logs
  - Splunk Enterprise Security
  - Packet Capture systems
  - Endpoint protection systems
  - All systems that contain security logs or security events that are not forwarded to the log repository
- The team will deliver summary reports/analysis of findings to federal staff and/or other cyber teams as directed by the government.
- The team will perform searches for customer-specific IOCs upon request and conduct analysis of artifacts for IOCs as provided by this customer.
- The team will provide intelligence data leveraging the central intelligence tool (already in place) for dissemination and collaboration.
- The team may, as needed, create dashboards, save queries, and develop other mechanisms to enhance the team's capabilities.
- 4 years total relevant security, network, or IT experience
- 1+ years Splunk experience/exposure
- SOC Analyst experience
- 1 or more relevant certifications, including Splunk Fundamentals 1 or 2, Cyber Security Analyst+ (CySA+), Incident Handling certification, CEH, etc.
Clearance Requirement: Interim Secret
ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans