Yesterday
Secret
Senior Level Career (10+ yrs experience)
$125,000 - $150,000
No Traveling
Security
Remote/Hybrid•Washington, DC (Off-Site/Hybrid)
Tyto Athene is searching for a Security Operations Center (SOC) Analyst that will collaborate with members of the SOC team to improve procedures for the SOC to enhance coordination and incident response operations. You must be willing to work in a 24x7x365 SOC environment demonstrate intuitive problem-solving skills and allow for flexible scheduling; monitor network traffic for security events and perform triage analysis to identify security incidents; respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensuring that incidents are recorded and tracked in accordance with SOC requirements; and work closely with the other teams to assess risk and provide recommendations for improving our security posture.
Responsibilities:
• Utilize monitoring and response technologies such as Endpoint Detection & Response/ Extended Detection & Response (EDR/XDR), log aggregation platforms (Splunk/Sumo Logic), Data Loss Prevention (DLP), and Microsoft and Linux security tools to perform security incident detection and analysis
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
• Recognize attacker and APT activity, tactics, and procedures such as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response
• Collaborate with team members and key stakeholders to implement remediation plans in response to incidents
• Effectively investigative and identify root cause findings, then communicate findings to stakeholders, including technical staff and leadership
• Author Standard Operating Procedures (SOPs) and training documentation when needed
• Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
Required:
• Secret Clearance Required
• Bachelor’s degree or equivalent experience
• Minimum eight (8) years of experience, with at least six (6) years in an Incident Responder/Handler role (fewer years of experience may be considered in light of additional education, certifications, or other relevant factors)
• Full understanding of Tier 2 responsibilities/duties and how the duties feed into Tier 3. The ability to take lead on incident research when appropriate and be able to mentor junior analysts
• CISSP and CEH certification or equivalent - advanced cert
• Advanced knowledge of TCP/IP protocols
• Knowledge of Windows, Linux operating systems
• Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; eg: Splunk, Sumo, or Elastic
• Deep packet and log analysis
Desired:
• Knowledge and experience with scripting and programming (PowerShell, Python, PERL, etc.) are also highly preferred
• GCIH, GCIA, GCFE, GREM, GCFA, GSEC Security+ CE, CCNA (Security), or equivalent Certifications
• CySA+
Clearance:
• Secret Clearance Required
Location:
• Remote. Applicants must be local to DC Metro Area
Shift:
• Monday through Friday, Core Business Hours
Responsibilities:
• Utilize monitoring and response technologies such as Endpoint Detection & Response/ Extended Detection & Response (EDR/XDR), log aggregation platforms (Splunk/Sumo Logic), Data Loss Prevention (DLP), and Microsoft and Linux security tools to perform security incident detection and analysis
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
• Recognize attacker and APT activity, tactics, and procedures such as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response
• Collaborate with team members and key stakeholders to implement remediation plans in response to incidents
• Effectively investigative and identify root cause findings, then communicate findings to stakeholders, including technical staff and leadership
• Author Standard Operating Procedures (SOPs) and training documentation when needed
• Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
Required:
• Secret Clearance Required
• Bachelor’s degree or equivalent experience
• Minimum eight (8) years of experience, with at least six (6) years in an Incident Responder/Handler role (fewer years of experience may be considered in light of additional education, certifications, or other relevant factors)
• Full understanding of Tier 2 responsibilities/duties and how the duties feed into Tier 3. The ability to take lead on incident research when appropriate and be able to mentor junior analysts
• CISSP and CEH certification or equivalent - advanced cert
• Advanced knowledge of TCP/IP protocols
• Knowledge of Windows, Linux operating systems
• Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; eg: Splunk, Sumo, or Elastic
• Deep packet and log analysis
Desired:
• Knowledge and experience with scripting and programming (PowerShell, Python, PERL, etc.) are also highly preferred
• GCIH, GCIA, GCFE, GREM, GCFA, GSEC Security+ CE, CCNA (Security), or equivalent Certifications
• CySA+
Clearance:
• Secret Clearance Required
Location:
• Remote. Applicants must be local to DC Metro Area
Shift:
• Monday through Friday, Core Business Hours
group id: 91085617
