Lead SOC Analyst (Tier III)


Seeking a Lead Level (Tier III / 7 years+) Cyber Security Analyst to support our customer, a major Federal Healthcare Insurance organization in Washington DC. This is currently a REMOTE position in our client-s SOC, but a return to the Washington D.C. office will be required once COVID-19 restrictions are eased. We specifically need someone who can do several weeks of training with our day shift and then take a lead role within a small cyber security team. This position does require a monthly rotating on-call weekend support for an escalation incident responses only.

This job is for a lead cyber security analyst / incident responder who will perform in-depth analysis on security events, intrusion detection, malware analysis, threat hunting and all phases of security event monitoring and incident response. Our client requires complete monitoring, triage and incident response functions in a combined SOC/CIRT environment experience. The selected candidate will use advanced SOC / CIRT security platforms and processes on a daily basis. Training will be given on specific platforms; however candidate should be an expert in SOC / CIRT processes and general platforms already. This position will entail working closely with team members to run an investigation from start to finish, ensuring collaboration with any appropriate teams and stakeholders at all levels. Our client is also seeking a candidate that can mentor junior analyst on best practices. There will be occasional presentations, audit support and regular documentation of investigations and project deliverables so strong verbal and written communications skills are critical.

Want to learn more? Then you should contact Elite Technical for consideration!

Required Skills


Required Skills
- At least 7 years of experience as a security operations center (SOC) analyst. Experience in Cyber Operations (required), Engineering (big plus), and Incident Response (required)
- Relevant cybersecurity subject matter expertise - especially in information security, network security, security event triage, intrusion analysis, malware, computer networking TCP/IP, and anomalous behavior.
- Expert knowledge in SOC / CIRT processes
- Experience and skills in: continuous monitoring, information security alerting, security event triage, intrusion analysis, threat trends, malware, and anomalous behavior.
- Experience in, or willingness to quickly learn, at least one security tool type such as IDS(PaloAlto Threat Threat Protection/Wildfire is a plus/IPS (Cisco Source Fire is a plus), network access control (Forescount is a plus), firewall (PaloAlto PAN is a plus), anti-malware (CarbonBlack EDR and CrowdStrike Falcon is a plus), etc
-Experience with the Microsoft Cloud Security Apps, Office 365 EPO (Sentinel is a Plus).
- Must demonstrate understanding of industry standard security best practices
- Excellent knowledge of MS Office tool set - MS Word, MS Excel, MS Project and MS Visio.
- Excellent knowledge of MS PowerBI, PowerShell, and other Office365 Applications.
- Successful candidate must be a motivated self-starter with a highly inquisitive and analytic mindset.

Preferred Skills:
- Security Certifications or Degree
- Demonstrated experience with security information and event management (SIEM - Qradar is a Plus), security orchestration and automated response (SOAR - Demisto/Palo Alto XOAR is a plus), and other security technologies.
- Hands on experience with some or all: NetFlow and full packet capture technology, Intrusion Detection Systems (IDS), firewalls, AV, and other similar network security tools
- Experience with healthcare insurance industry, especially BCBS plans
- Experience in, or willingness to quickly learn, at least one security tool type such as IDS (Palo Alto Threat Protection/Wildfire is a plus/IPS (Cisco Source Fire is a plus), network access control (Forescout is a plus), firewall (Palo Alto PAN is a plus), anti-malware (CarbonBlack EDR and CrowdStrike Falcon is a plus), etc

Apply Now

Return to Search Results

Have a Question?

Location

Washington, DC

Openings

2

Anticipated Start Date

Monday, December 6, 2021

Job Type

Contract

Anticipated Duration

12 months+

Date Posted

Tuesday, November 16, 2021

Know someone who would be a good fit? We pay for referrals!

Share this job:

Call 800-ELITE-50
Reference #10287

Elite Technical Services, Inc. participates in the E-Verify program to confirm the employment eligibility of all persons hired. This means that we will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. Elite Technical Services, Inc. will not use E-Verify to pre-screen job applicants.

Elite Technical Services, Inc. is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.