SOC Analyst
Role details
Job location
Tech stack
Job description
Northern Technologies Group (NTG) is seeking a highly motivated Security Operations Center (SOC) Analyst to support a mission-critical cybersecurity operations environment. The SOC Analyst will be responsible for monitoring, analyzing, investigating, and responding to cybersecurity events and incidents across enterprise networks and systems. This role requires experience in incident response, cyber defense operations, threat detection, and security monitoring within a Security Operations Center (SOC)., * Monitor and analyze security alerts generated from endpoints, IDS/IPS systems, NetFlow data, SIEM platforms, and custom security sensors.
- Identify, investigate, and respond to potential cybersecurity incidents and compromises across customer networks and endpoints.
- Perform detailed analysis of large-scale log data and correlate information across multiple data sources during incident investigations.
- Escalate validated threats and incidents to senior SOC personnel while providing detailed supporting evidence.
- Document investigative findings, actions taken, and recommendations within case management and knowledge management systems.
- Create, maintain, and distribute incident reports to customers, stakeholders, and leadership.
- Support Cyber Network Defense (CND) operations through protection, detection, response, and sustainment activities.
- Participate in shift operations supporting a 24x7 mission-essential environment.
- Maintain awareness of emerging cyber threats, attack vectors, and adversary TTPs.
- Contribute to knowledge sharing, mentoring, training, and continuous improvement initiatives.
Requirements
The ideal candidate will possess strong analytical skills, experience working with enterprise security tools, and a deep understanding of cyber threat actor tactics, techniques, and procedures (TTPs)., * Must be a U.S. Citizen.
- Must possess an active DoD Top Secret/ SCI security clearance
- Bachelor's degree and 8+ years of relevant experience, Additional military service and relevant experience may substitute for degree requirements. Candidates without a degree must possess a minimum of 12 years of relevant experience.
- Minimum 2 years of incident handling and incident response experience.
- Minimum 2 years of Security Operations Center (SOC) experience.
- Experience supporting Cyber Network Defense (CND) operations within a Computer Incident Response organization.
- Demonstrated understanding of Cyber threat lifecycles, Attack vectors and exploitation methodologies, Adversary tactics, techniques, and procedures (TTPs)
- Strong knowledge of: TCP/IP networking, Network protocols and ports, Traffic analysis, System administration, OSI model, Defense-in-depth security principles
- Ability to work independently in a fast-paced operational environment.
- DoD 8570 IAT Level II (or higher) certifications prior to start date (CompTIA Sec+, SSCP etc)
- Must also obtain a DoD 8570 CSSP-Analyst certification within six months of hire (CEH, CySA+, GCIA), * Experience analyzing large volumes of: Security logs, NetFlow data, Full Packet Capture (PCAP), Network forensic artifacts
- Hands-on experience with enterprise SIEM platforms such as: Splunk, ArcSight, QRadar, McAfee Enterprise Security Management (Nitro), LogLogic.
- Experience with: IDS/IPS technologies, Host-Based Security Systems (HBSS), Endpoint security tools, Malware analysis techniques
- Unix/Linux command-line proficiency.
- Scripting or programming experience.
- Familiarity with: MITRE ATT&CK Framework, Cyber Kill Chain Methodology, Intelligence-Driven Defense concepts
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.
While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.
Benefits & conditions
$150,000 to $165,000