Seeking a Lead Level (Tier III / 7 years+) Cyber Security Analyst/Incident Responder to support our customer, a major Federal Healthcare Insurance organization in Washington DC. This is currently a REMOTE SHIFT (swing/night) position in our client's SOC, but return to Washington D.C. in a part-time on-site capacity once COVID-19 restrictions are eased. We specifically need someone who can do several weeks of training with the day shift and then take a lead role within a small cyber security team. Swing shift is 3p-11p Sun-Thurs or 3p-11p Tues-Sat. Night is on the same day of week patterns, but runs from 11p-7a.

This job is for a lead Cyber Security Analyst / Incident Responder who will perform in-depth analysis on security events, intrusion detection, malware analysis, threat hunting and all phases of security event monitoring and incident response. Our client requires complete monitoring, triage and incident response functions in a combined SOC/CIRT environment experience. The selected candidate will use advanced SOC / CIRT security platforms and processes on a daily basis. Training will be given on specific platforms; however candidate should be an expert in SOC / CIRT processes and general platforms already. The role will entail working closely with team members to run an investigation from start to finish, ensuring collaboration with any appropriate teams and stakeholders at all levels, there will be occasional presentations, audit support and regular documentation of investigations and project deliverables so strong verbal and written communications skills are critical.

Want to learn more? Then you should contact Elite Technical for consideration!

Required Skills

Required Skills
- 7-10 Years- Experience in Cyber Operations, Engineering, and Incident Response
- At least 6 years of experience as a security operations center (SOC) analyst
- Experience in computer forensics is strongly preferred.
- Relevant cybersecurity subject matter expertise - especially in information security, network security, security event triage, intrusion analysis, malware, computer networking TCP/IP, and anomalous behavior.
- Expert knowledge in SOC / CIRT processes
- Experience and skills in: continuous monitoring, information security alerting, security event triage, intrusion analysis, threat trends, malware, and anomalous behavior.
- Experience in, or willingness to quickly learn, at least one security tool type such as IDS(PaloAlto Threat Threat Protection/Wildfire is a plus/IPS (Cisco Source Fire is a plus), network access control (Forescount is a plus), firewall (PaloAlto PAN is a plus), anti-malware (CarbonBlack EDR and CrowdStrike Falcon is a plus), etc
-Experience with the Microsoft Cloud Security Apps, Office 365 EPO (Sentinel is a Plus).
- Must demonstrate understanding of industry standard security best practices
- Excellent knowledge of MS Office tool set - MS Word, MS Excel, MS Project and MS Visio.
- Excellent knowledge of MS PowerBI, PowerShell, and other Office365 Applications.
- Successful candidate must be a motivated self-starter with a highly inquisitive and analytic mindset.

Preferred Skills:
- Security Certifications or Degree
- Demonstrated experience with security information and event management (SIEM - Qradar is a Plus), security orchestration and automated response (SOAR - Demisto/Palo Alto XOAR is a plus), and other security technologies.
- Hands on experience with some or all: NetFlow and full packet capture technology, Intrusion Detection Systems (IDS), firewalls, AV, and other similar network security tools
- Experience with healthcare insurance industry, especially BCBS plans
- Experience in, or willingness to quickly learn, at least one security tool type such as IDS (Palo Alto Threat Protection/Wildfire is a plus/IPS (Cisco Source Fire is a plus), network access control (Forescout is a plus), firewall (Palo Alto PAN is a plus), anti-malware (CarbonBlack EDR and CrowdStrike Falcon is a plus), etc