SOC Analyst

The Security Operations Center Analyst will be responsible for monitoring and analyzing security threats and implementing appropriate countermeasures to protect the organization's information assets., + Monitor and analyze security threats and vulnerabilities and implement appropriate countermeasures

• Ensure compliance with regulatory compliance directives, including various NIST and NIH security controls and monitoring and reporting requirements

• Manage incident response efforts and assist in investigations into security breaches

• Manage and maintain Security Waivers, perform product evaluations and advise management of upcoming changes to the environment

• Communicate and report to stakeholders on security-related documents and status updates

• Assist in the development, implementation and oversight of SOC standard operating procedures used to guide daily activities of the operations center

• Utilize various security tools like Tenable Security Center, Splunk, MS Defender, SEIM, Symantec DLP, Netsparker, Penetration Testing, Service Now, Web Application Security, Data Loss Prevention, Incident Response, Forensics, Security Tool Evaluation, and Endpoint Protection (Cylance), Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

• At least five years of experience within the Cyber Security industry, with experience in security event monitoring and incident response services within an enterprise network security environment

• Bachelor's or Master's Degree in Information Technology or related disciplines; or have equivalent and direct experience with the management, operation, and direction of a network and/or security operations center

• CISSP, CISM, CySA+, or GCIH certifications are desired

• Strong understanding of log analysis and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryption standards

• Strong understanding of the various industry standard cyber security disciplines and generally accepted practices governing the present-day cyber security industry

• Strong understanding of regulatory compliance directives to include various NIST and NIH security controls and monitoring and reporting requirements

• Experience with managing and ensuring the timely response and investigations of security events and incidents within a security operations center, The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

ASM Research, An Accenture Federal Services Company (Fairfax, VA)