Cybersecurity Analyst II

As the Cybersecurity Analyst Tier 2, you are responsible for overseeing and managing Tier 2 level threat response in our client’s Security Operations Center. Your role involves working with a team of security analysts and engineers who monitor, detect, analyze, and respond to security incidents and threats in an organization's IT environment at the Tier 2 Level. Additionally, you play a critical role in analyzing and resolving cyber threats or escalating incidents for Tier 3 response as necessary.  Technical expertise, and a deep understanding of cybersecurity concepts are essential for success in this role. This role is ONSITE in our SOC located in Rockville, MD.  US Citizenship is required for consideration.

Role and Responsibilities 

• Respond promptly and effectively to security incidents and threats discovered by CSOC Analyst Level I and carry out effective Level II analysis of incidents.
• Remediation of incidents and escalation when necessary to Tier 3 support
• Initial assessment of the scope of the attack and affected systems
• Accurately document cases during investigations and effectively communicate findings to Level I Analyst or escalation team to ensure complete handover of work streams.
• Continuously improve incident management processes through periodic threat hunting exercises, knowledge optimization effort building, and by comprehensive diagnosis and analysis of incident trends.
• Follow the issue tracking, escalation policies and work effectively across all CSOC tiers as the technical competence requires.
• Dedicated monitoring and analysis of cyber security events by use of SOC tools
• Incident Response generation and reporting IAW established procedures.
• Provide Level II technical support in CSOC operations and activities.
• Provide daily/weekly updates on CSOC operations and developments.
• Conduct Forensic analysis and respond to data call activities.
• Generate quality technical reports containing methodologies, findings, and recommendations.
• Work with external stakeholders to understand operational needs and develop effective processes.
• Maintain a current understanding of industry trends, emerging cyber threats, and new solutions which may impact CSOC activities.
• Collaborate with CSOC SME to ensure optimal performance using CSOC technology.
• Identify, reverse engineering and de-obfuscating digital content related to an incident.

 Qualifications:

3-5+ years of experience within a Level Tier 2 cybersecurity environment; experience in a leadership role is preferred.

Bachelor’s in information technology, Computer Science, or a related field; or relevant, commensurate work experience

Robust Certification Portfolio including Security+ and one or more of the following preferred: Network+, CEH, Azure or Cloud Certification, and Splunk Core Certified Power User.

Vulnerability/cyber incident management framework

Experience with advanced technologies such as: Splunk SaaS, Splunk Enterprise Security, Splunk SaaS UBA, Crowdstrike, Tenable, Forescout, zScaler, Bigfix, MaaS-360 (IBM MaaS-360), and Encase for forensic investigations, Fireeye, Cortex XSOAR, Cortex XDR, and Prisma-Access

Prior HHS experience a plus

Compensation: The salary range for this position is $115,000 to $120,000 per year based and is based on experience and certifications levels.

Benefits: Health, dental, and vision insurance; 401(k) with employer match; paid time off; professional development opportunities.

#LI-OnSite