Job Information

ABBTECH Professional Resources, Inc. SOC Analyst in Washington, District Of Columbia


Job Description:

DC-based cyber team is tasked to support a federal customer located in Washington, DC. The team works 24/5 M-F, so shift (day) schedule may vary and can be discussed with management for optimal arrangement. Candidates must be proficient in Splunk queries and be an experienced analyst. They do not have to be a true subject matter expert, but that is the only labor category available to us corresponding to a specialty analyst role. As part of our high-performing team you will perform the following duties:

  1. The team will hunt for malicious activity using the following sources and tools:

  Sources:

  • IDS alerts

  • Network traffic and logs

  • Endpoint logs

  • Web server logs

  • Packet captures

  Tools:

  • Splunk Enterprise

  • Splunk Enterprise Security

  • IDS systems

  • Packet Capture systems

  • Endpoint protection systems

  • All systems that contain security logs or security events that are not forwarded to the log repository

  2. The team will deliver summary reports/analysis of findings to federal staff and/or other cyber teams as directed by the government.

  3. The team will perform searches for customer-specific IOCs upon request and conduct analysis of artifacts for IOCs as provided by this customer.

  4. The team will provide intelligence data leveraging the central intelligence tool (already in place) for dissemination and collaboration.

  5. The team may, as needed, create dashboards, save queries, and develop other mechanisms to enhance the team’s capabilities.


4 years total relevant security, network, or IT experience

1+ years Splunk experience/exposure

SOC Analyst experience

1 or more relevant certifications, including Splunk Fundamentals 1 or 2, Cyber Security Analyst+ (CySA+), Incident Handling certification, CEH, etc.

Clearance Requirement: Interim Secret

ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans