SkyePoint Decisions, Inc. is looking for a highly motivated individual to fill the role of a SOC Analyst SME. This program provides Computer Network Defense (CND) and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. The SOC team analyzes cyber threats, monitors the enterprise systems, collects information on and identifies security incidents, and supports the remediation of all security incidents. This position will conduct security event monitoring, advanced analytics and response activities in support of the CND operational mission. To ensure the integrity, security and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response.
- Work as part of a 24/7/365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
- Mentor SOC I staff members
- Carry out triage on security events, coordinate incidents with IT operations, network engineering, and application teams and support the incident management process
- Identify and respond to incidents, to prevent or limit damage to assets, and report incidents
- Detect and analyze incidents, coordinate activities with other stakeholders for containing, eradicating, and recovering from incidents
- Development of advanced analytics and countermeasures to protect critical assets
- IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics
- Advise incident responders on the steps to take to investigate and resolve computer security incidents; lead incident response cases when required
- Produce and maintain operational processes and procedures for use by all shift personnel
- Provide enterprise-wide management of security incidents, managed network space, to detect, respond, and report all computer related incidents that includes daily monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
- Assess, identify, and remediate the individuals and/or systems affected
- Report all information security incidents in compliance with timeline specifics
- Create reports from the SIEM, NIDS and HIDS
- Remain up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation and remediation.
- Bachelor’s degree
- Active Secret Clearance (or higher)
- A minimum of a Security+ certification
- Combination of 10 years of information security education and experience
- Writing threat reports and other management level communications
- ServiceNow ticketing and reporting experience
- Linux, Windows, and Active Directory experience
- Splunk SPL experience
- Experience with FireEye and Palo Alto network security solutions
- ITILv3 experience
- Cloud and mobile device experience
- ForeScout CounterAct, DLP solutions, McAfee EPO, SailPoint experience
- Enterprise wireless security, identity and key management solutions
- Experience with classified information controls
- Perform other tasks consistent with the goals and objectives of the department/contract
- Perform other duties as assigned by the CSIRT Team Lead.
SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customer’s technology and mission requirements to successfully deliver high quality, cost effective services on time and on budget.
SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It’s what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customer’s operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to successfully and securely complete any mission – anytime, anywhere.
SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.