SOC Analyst

Responsibilities:

• Support with host and network analysis to determine compromise extent and provide mitigation support on compromised systems.
• Validate and confirm critical security events and assess impact of the event.
• Research and maintain information on current security threats and applying knowledge to the security capability.
• Author intrusion detection signatures as well as other detection mechanisms and coordinate with Security Engineering to implement.
• Collect information from digital devices as part of legal investigations. Create and report on program tasks.
• Interface with the intelligence community in order to better develop and identify malicious activities and events that connect over time to form a pattern of attack.
• Recover data like documents, photos and e-mails from computer hard drives and other data storage devices that have been deleted, damaged or otherwise manipulated.
• Find evidence of illegal activity involving cybercrime offenses and examine computers that may have been involved in other types of crime.
• Use expertise to protect computers from infiltration, determine how a computer was broken in to or recover lost files.
• Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files.
• Automate workflow processes via scripting with Python or similar.
• Work with Cyber Threat Intel Team and maintaining threat indicator feeds.
• Build and maintain client and stakeholder relationships.
• Formulate and enforce work standards.
• Complete projects/deliverables on time and with quality.  

Qualifications:

• Require 3–5 years of SOC analyst experience
• 5+ YOE in general IT and Cybersecurity preferred
• Proficiency in SIEM and EDR technologies, and practical knowledge of Microsoft Defender, Sentinel, Trellix, RSA NetWitness, and incident response playbooks
• Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management.
• Excellent communication skills, both written and oral.
• Operational knowledge with types of vulnerability assessors that shall include vulnerability assessment tools, wireless network detection, and non-signature based discovery and case handling tools.
Experience with the following technologies:
• Intrusion Detection and Preventions Systems (IDS/IPS).
• Monitoring network security events in an Enterprise Environment.
• Producing security event reports for management.
• Producing security metric reports for management.
• Security Information and Event Management (SIEM) systems. 
One or more of the following certifications are desired:
• Certified Forensic Computer Examiner (CFCE).
• Certified Hacking Forensic Investigator (CHFI).
• CompTIA Cybersecurity Analyst (CySA+). 
• Certified Ethical Hacker (CEH)
Additional
• Able to attend monthly in-person meetings in Washington, DC.  Meeting scheduled on the 3rd Tuesday and as-needed-unscheduled in-person meeting(s).
• Clearance: Must be Public Trust eligible
• Hours: Full-time (40 hrs/week), standard eight-hour business schedule between the hours of 6:00am and 5:30pm, EST, Monday through Friday.

Benefits at UltraViolet Cyber!

• We provided these clients with cybersecurity-related services while cultivating a common body of knowledge among all employees at UltraViolet. 
• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed 
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment) 
• Group Term Life, Short-Term Disability, Long-Term Disability 
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness 
• Participation in the Discretionary Time Off (DTO) Program 
• 11 Paid Holidays Annually