Executive Summary: HRUCKUS is looking to hire (2) Senior SOC Analysts with 6-10 years of experience who will monitor, analyze, and respond to security issues, investigate attacks with other team members, assist in building situational awareness, and implement and incorporate multiple tools and technologies.

Position Description: The DC SOC is a centralized unit for security operations in DC Government. The main aim of this team is to monitor, analyze and protect the DC Government and its assets from any kind of security threats such as cyber-attacks, data threats, viruses, malware, etc. The Senior SOC Analyst are the first to respond to and act against cyber-attacks. They identify, analyze, and resolve the issues related to security. They also inform the management about the cyber threats so that the stakeholders can take necessary measures to ensure the security of the sensitive information and data of the company from hackers and malicious activities.

Position Duties: A Senior SOC analyst oversees monitoring and auditing the company's systems. They also keep an eye on network traffic to ensure that no suspicious behavior is taking place.

• Monitor an organization's IT infrastructure. This includes monitoring security systems, apps, and networks for anomalies that could suggest a breach or assault.
• Detects, assesses, and mitigates security threats. When SOC analyst sees a threat, they will collaborate with their team to understand what caused the anomaly within the system and how to avoid it in the future.
• React and investigates the incidents. If necessary, the SOC analyst will collaborate with other team members to conduct additional investigations into the occurrence before reporting to law enforcement agencies. After thoroughly examining each circumstance, they will share any new knowledge obtained about current cyber threats or vulnerabilities inside their network so that future events can be avoided, if possible, by immediate fixes.
• SOC analysts work with other team members to ensure that the DC Government protocols are in place to continue functioning so that it may continue to operate safely and securely. This involves both the implementation of new systems and the updating of current ones as needed.
• Security audits are critical for ensuring the organization's security because they allow you to uncover vulnerabilities before hackers or hostile actors can exploit them. A SOC Analyst directly participates in these audits by assisting with preparing and evaluating data afterward.
• SOC analysts must stay current on the most recent cyber risks to their firm's security, whether by learning about fresh phishing scams or keeping track of which bad actors are currently employing hacking tools. This understanding enables them to respond promptly to potential concerns before they cause difficulties for your firm.
• Work closely with security teams to develop, tune, automate, and enhance network and host-based security devices, support the SOC with managing the response to client Cyber intrusions, perform extensive network and host triage, maintain strict chain-of-custody, analyze documentation and reports, and perform remediation, as required.
• Implement and Manage Security Tools
• Investigate Suspicious Activities and Prevent Them
• Reduce Downtime and Ensure Business Continuity
• Providing Security Services to the Organization as a Whole
• Audit and Compliance Support

Essential Functions: A Senior SOC Analyst has certain duties to perform that are essential for the daily operations of DC Government.

• Constantly monitors the Networks and servers.
• Identifies any security breach that can harm the sensitive data and information of the organization.
• Analyzes the type of security threat that has attacked the DC Government security operations.
• Effectively respond to the immediate threats to the security of the DC Government.
• Builds temporary fixes to eliminate security threats and restore the DC Government’s data and information security.
• Collaborate with other departments and team members to implement security procedures, methods, and best practices.
• Stay updated about the latest security threats.

Position Skills and Qualifications:

• Network Defenders: Defending the networks from possible security threats is one of the major duties of a SOC Analyst. Experience with monitoring, analyzing, and eliminating security threats from the network. Candidate should have the required skills to protect your organizations Networks from hackers' attacks.
• Ethical Hacking: SOC professionals with knowledge of ethical hacking are preferred. You should also have a basic understanding of penetration testing, networks, web applications, and testing to test systems to identify vulnerabilities.
• Response to Incidents: As a SOC Analyst, you must know how to eliminate the malicious activities that are taking place in the organization systems and how to deal with incidents involving security breaches. You may suggest changes in the companies' security systems so they can stay protected from future threats.
• Computer Forensics: To prevent the organization computer security system from any sort of Cybercrime, as a SOC professional, you must be familiar with computer forensics.
• Reverse Engineering: relevant skills in reverse engineering, understanding given software program, derive conclusions from it, and help patch a bug.
• Experience with PowerShell commands and scripts
• Troubleshoot hardware and software problems, take appropriate corrective action and/or interact with team members or vendors to work through issue resolution
• Experience with performing host-based analysis of Windows, Linux, and Mac
• Experience with performing anomaly or malware hunts using a common framework and standard methodology, including the MITRE ATT&CK framework
• Ability to analyze security events that occur within the enterprise for the purposes of mitigating threats
• Ability to analyze Security Information and Event Management (SIEM) alerts to identify security issues for investigation and remediation
• Ability to be self-driven, work independently, and handle multiple tasks concurrently
• Comply with all audits, compliance, and regulatory requirements
• Support On call and weekend work

Minimum Education/Certification Requirements:

• Bachelor’s degree and a minimum of 5+ years of experience with cybersecurity with relevant experience in network operations or helpdesk support, especially with certifications
• 5+ years of experience with incident response or security operations center support
• Experience with security tools and techniques used by Incident Response Teams
• Experience with incident management and response activities across the incident life cycle
• Knowledge of how data is collected and analyzed from a variety of tools and sources, including IDS alerts, firewall logs, web logs, and network traffic logs, to identify IOCs or malicious TTPs
• Ability to identify, detect, respond, and mitigate sophisticated threats to the client enterprise environment
• Ability to adapt communications styles and messaging for professionals at all levels
• Cybersecurity knowledge: Familiarity with prevalent cyber threats, such as malware, phishing attacks, and DDoS attacks, is crucial. Grasping the concepts of anomaly identification and incident response will enable you to effectively identify and mitigate potential threats.
• Technical expertise: Proficiency in using Security Information and Event Management (SIEM) solutions can significantly enhance your ability to detect suspicious activities within your organization’s network. Familiarity with other security tools, including firewalls, intrusion detection systems (IDS), and vulnerability scanners, is also advantageous.
• Analytical skills: will be responsible for monitoring substantial amounts of data from various sources. The ability to quickly analyze this information and identify patterns that may signify potential security incidents is crucial.
• Communication skills: Efficient communication is essential when collaborating with IT security teams or reporting incidents to stakeholders within the organization. It is important for a SOC analyst to have clarity of speech when escalating events, and good written communication skills to document incidents as well as suggested steps of remediation.
• CompTIA Network+ and Security+

Skill | Required /Desired | Years

6-10 yrs. developing, maintaining, and recommending enhancements to IS policies/requirements | Required | 6 Years

6-10 yrs. performing vulnerability/risk analyses of computer systems/apps | Required | 6 Years

6-10 yrs. identifying, reporting, and resolving security violations | Required | 6 Years

Bachelor’s degree in IT or related field or equivalent experience | Required

 

#IND123