5-7 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or Security Operations Center (SOC)
Bachelor's Degree in Computer Science, Information Technology, or Information Security
Certifications: one or more of the following (e.g., CompTIA Security+, CPTE/CEH, GCIH/ECIH, CISA)
Solid understanding of cyber security analysis, incident response/handling with proven incident response team experience; experience with Splunk, Sentinel One, Armis, and SNA preferred
Requirements:
Develop procedures and policies for initial stand up of a Security Operations Center (SOC) and ongoing SOC management
Support Tier 2 operations by monitoring alerts during critical and high-volume events
Conduct in-depth analyses of security incidents to identify incidents of compromise
Perform intrusion scope and root cause analyses; assist with intrusion remediation, strategy development, and implementation; recommend process changes to enhance defense and response procedures
Job description
PlanIT Group is seeking a Cyber Security Analyst III to support our Federal customer in the Washington, DC area. The ideal candidate must demonstrate a solid understanding of cyber security analysis, incident response, incident handling, and a proven experience on an incident response team. Experience with Splunk, Sentinel One, Armis, SNA preferred.
Job Title: Cyber Security Analyst III Location: Remote or Raleigh, NC Start Date: 03/24/25 Duration: One year plus annual extensions
(Remote support will be considered, candidates local to Raleigh NC will be given preference)
Cyber Security Analyst III
• Respond to Cyber Security Incidents, provide cyber threat analysis and reporting to support SOC and Program's situational awareness.
• Will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and will provide proactive threat research.
Most critical requirement :
• Must demonstrate a solid understanding of cyber security analysis, incident response, incident handling, and a proven experience on an incident response team. Experience with Splunk, Sentinel One, Armis, SNA preferred.
Duties:
• Responsible for developing procedures and policies for initial stand up of a security operations center (SOC) and ongoing management of the SOC.
• Support Tier 2 operations by monitoring alerts during critical and high-volume events.
• Conduct more in-depth analyses of security incidents to identify incidents of compromise.
• Perform intrusion scope and root cause analyses and assist with intrusion remediation, strategy development, and implementation. Recommend effective process changes to enhance defense and response procedures.
Experience Level:
•5-7 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
Education:
Bachelor's Degree in Computer Science, Information Technology, or Information Security
Certifications: (One or more required)
CompTIA Security +
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)
CISA - Certified Information Systems Auditor
Additional Provisions:
• Must be able to obtain a Public Trust Clearance
• Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
• All candidates must be a US Citizen or US Permanent Resident / Green Card required
• Candidate must have lived in the United States for the past 5 years.
• Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
#CJJOBS
