Seeking a Lead Level (Tier III / 7 years+) Cyber Security Analyst to support our customer, a major Federal Healthcare Insurance organization in Washington DC. This is currently a REMOTE position in our client-s SOC, but a return to the Washington D.C. office in a part-time on-site capacity will be required once COVID-19 restrictions are eased. We specifically need someone who can do several weeks of training with our day shift and then take a lead role within a small cyber security team. May include weekend work on a Saturday or Sunday for emergent incident responses only.

This job is for a lead cyber security analyst / incident responder who will perform in-depth analysis on security events, intrusion detection, malware analysis, threat hunting and all phases of security event monitoring and incident response. Our client requires complete monitoring, triage and incident response functions in a combined SOC/CIRT environment experience. The selected candidate will use advanced SOC / CIRT security platforms and processes on a daily basis. Training will be given on specific platforms; however candidate should be an expert in SOC / CIRT processes and general platforms already. This position will entail working closely with team members to run an investigation from start to finish, ensuring collaboration with any appropriate teams and stakeholders at all levels. Our client is also seeking a candidate that can mentor junior analyst on best practices. There will be occasional presentations, audit support and regular documentation of investigations and project deliverables so strong verbal and written communications skills are critical.

Want to learn more? Then you should contact Elite Technical for consideration!

Required Skills

Required Skills
- At least 7 years of experience as a security operations center (SOC) analyst. Experience in Cyber Operations (required), Engineering (big plus), and Incident Response (required)
- Relevant cybersecurity subject matter expertise - especially in information security, network security, security event triage, intrusion analysis, malware, computer networking TCP/IP, and anomalous behavior.
- Expert knowledge in SOC / CIRT processes
- Experience and skills in: continuous monitoring, information security alerting, security event triage, intrusion analysis, threat trends, malware, and anomalous behavior.
- Experience in, or willingness to quickly learn, at least one security tool type such as IDS(PaloAlto Threat Threat Protection/Wildfire is a plus/IPS (Cisco Source Fire is a plus), network access control (Forescount is a plus), firewall (PaloAlto PAN is a plus), anti-malware (CarbonBlack EDR and CrowdStrike Falcon is a plus), etc
-Experience with the Microsoft Cloud Security Apps, Office 365 EPO (Sentinel is a Plus).
- Must demonstrate understanding of industry standard security best practices
- Excellent knowledge of MS Office tool set - MS Word, MS Excel, MS Project and MS Visio.
- Excellent knowledge of MS PowerBI, PowerShell, and other Office365 Applications.
- Successful candidate must be a motivated self-starter with a highly inquisitive and analytic mindset.

Preferred Skills:
- Security Certifications or Degree
- Demonstrated experience with security information and event management (SIEM - Qradar is a Plus), security orchestration and automated response (SOAR - Demisto/Palo Alto XOAR is a plus), and other security technologies.
- Hands on experience with some or all: NetFlow and full packet capture technology, Intrusion Detection Systems (IDS), firewalls, AV, and other similar network security tools
- Experience with healthcare insurance industry, especially BCBS plans
- Experience in, or willingness to quickly learn, at least one security tool type such as IDS (Palo Alto Threat Protection/Wildfire is a plus/IPS (Cisco Source Fire is a plus), network access control (Forescout is a plus), firewall (Palo Alto PAN is a plus), anti-malware (CarbonBlack EDR and CrowdStrike Falcon is a plus), etc