Tier 3 Incident Response Analyst - Washington DC

Job Description

ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers . If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. All positions are onsite, unless otherwise stated.

Tyto Athene is searching for a Security Operations Center (SOC) Analyst that will collaborate with members of the SOC team to improve procedures for the SOC to enhance coordination and incident response operations. You must be willing to work in a 24x7x365 SOC environment demonstrate intuitive problem-solving skills and allow for flexible scheduling; monitor network traffic for security events and perform triage analysis to identify security incidents; respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensuring that incidents are recorded and tracked in accordance with SOC requirements; and work closely with the other teams to assess risk and provide recommendations for improving our security posture.

Responsibilities

• Utilize monitoring and response technologies such as Endpoint Detection & Response/ Extended Detection & Response (EDR/XDR), log aggregation platforms (Splunk/Sumo Logic), Data Loss Prevention (DLP), and Microsoft and Linux security tools to perform security incident detection and analysis
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
• Recognize attacker and APT activity, tactics, and procedures such as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response
• Collaborate with team members and key stakeholders to implement remediation plans in response to incidents
• Effectively investigative and identify root cause findings, then communicate findings to stakeholders, including technical staff and leadership
• Author Standard Operating Procedures (SOPs) and training documentation when needed
• Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
  
  

Auto req ID

443188BR

Minimum Education Required

Bachelors

Job_Category

Cybersecurity

Required

Additional Qualifications/Responsibilities

• Bachelor-s degree or equivalent experience
• Minimum eight (8) years of experience, with at least six (6) years in an Incident Responder/Handler role (fewer years of experience may be considered in light of additional education, certifications, or other relevant factors)
• Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2. The ability to take lead on incident research when appropriate and be able to mentor junior analysts
• CISSP and CEH certification or equivalent
• Advanced knowledge of TCP/IP protocols
• Knowledge of Windows, Linux operating systems
• Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; eg: Splunk, Sumo, or Elastic
• Deep packet and log analysis
  
  

Desired:

• Knowledge and experience with scripting and programming (PowerShell, Python, PERL, etc.) are also highly preferred
• GCIH, GCIA, GCFE, GREM, GCFA, GSEC Security+ CE, CCNA (Security), or equivalent Certifications
• CySA
  
  

Clearance:

• Secret Clearance Required
  
  

Location:

• Remote. Applicants must be local to DC Metro Area
  
  

Shift:

• Monday through Friday, Core Business Hours
  
  

Compensation:

Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $140K-$165K. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits

Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave

Certificates/Security Clearances/Other

Required:

• CISSP and CEH certification or equivalent
  
  

Desired:

• GCIH, GCIA, GCFE, GREM, GCFA, GSEC Security+ CE, CCNA (Security), or equivalent Certifications
• CySA
  
  

Clearance:

• Secret Clearance Required
  
  

City*

Washington

State*

District of Columbia

Job Code

Cyber_Security IT

Affiliate Sponsor

MindPoint Group

Salary Range

>$100,000