SECURITY OPERATIONS CENTER (SOC) ANALYST - TS Clearance Only
- Pennsylvania Avenue NW, Washington, DC, USA
NXTKey Corporation has been delivering Information Technology, Information management, Information Assurance (IA) and cybersecurity solutions to US Federal Government since 2005.
NXTKey Corporation is an agile Small Business that places emphasis on teamwork and partnership with our clients to produce optimum contract performance. We have refined our solution from experience supporting highly complex Department of Justice (DOJ) environments such as the United States Marshals Service (USMS), Justice Management Division (JMD), Office of Justice Programs (OJP) and Federal Prison Industries (FPI).
Our depth of experience allows us to provide IT security support for a wide range of IT General Support Systems (GSS) and major applications (MAs) within the Federal Enterprise, following the guidance of the Federal Enterprise Architecture (FEA), and to provide information systems security support services in accordance with OMB Circular A-130, NIST guidelines and standards, and other federal policies and regulations.
- Work in a 24x7x365 Security Operations Center environment to monitor network traffic for security events and perform incident response.
- Conduct security assessments regularly to identify vulnerabilities and perform risk analysis.
- Analyze and monitor Security Information and Event Management (SIEM) output using a variety of tools to investigate incidents, determine true threats, and provide solutions to detected issues in a timely manner.
- Perform proactive threat intelligence analysis using open source tools.
- Analyze breaches to reach the root cause.
- Generate reports for IT administrators, business managers, and security leaders. These reports serve as an input to evaluate the efficacy of the security policies.
- Advise on and implement the changes required to counter an attack or improve security standards.
- Keep the security systems up to date and contribute to security strategies.
- Document incidents to contribute to incident response and disaster recovery plans.
- Perform internal and external security audits.
- Investigate incidents at both the network and host/application level.
- B.A. or B.S. in Computer Science or a related field
- Certification: CISSP / Security+CE / CASP / CEH / GIAC / Other cybersecurity related
- Proficient in network forensic analysis and in monitoring network security using SIEM and related tools such as ArcSight, Splunk, FireEye, Snort IDS, Sourcefire, Wireshark, NetWitness, SolarWinds, AlienVault, Bro and Security Onion, QRadar, or McAfee
- TCP/IP, computer networking, routing, switching, and network security.
- IDS/IPS, penetration testing, vulnerability testing, firewalls, and intrusion detection/prevention protocols
- Network protocols and packet analysis tools
- Strong communication and collaboration skills working with colleagues to investigate incidents.
Only candidates with Top Secret Clearance can apply.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.