VIEW
SAVED
JOBS

SOC Analyst(s)

2024-145517
Other / Technical
Secret

Location:

Washington
,
DC

Secondary Location:

,
,

Telecommute Options:

No remote/telework allowed
Join Our Team
Apply now
right arrow
Share on your newsfeed or with a friend
About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Responsibilities

Peraton is seeking Security Operations Center (SOC) Analysts to join our team of qualified and diverse individuals to identify, analyze, and report events within a cloud environment, providing cybersecurity monitoring and alerts.

 

What you’ll do:

 

The SOC Analyst's will  also be responsible for the following but not limited to:

  • Conduct an analysis of current operations of the SOC, analyze how the work is being done, review alerts, and SOPs to make recommendations for proposed changes and improvements to SOC operations and response metrics.
  • Develop and execute an Incident Response Plan and SOC Playbook.
  • Utilize the authorized security tools to perform security analysis and triage security alerts and events to prevent, detect, contain, and remediate security and privacy incidents.
  • Identify, analyze, triage, report, and coordinate with CSIRT and other stakeholders to remediate all information security incident types.
  • Utilize the authorized Security Tool Set) to perform security analysis and triage security alerts and events to prevent, detect, contain, and remediate security and privacy incidents.
  • Coordinate with the SIEM team to create and maintain security dashboards.
  • Report all information security incidents through the proper authority.
  • Investigate and positively identify anomalous events that are detected by security devices. or reported to the SOC from external entities, system administrators, and the user community, via security monitoring platform and tools, incoming phone calls, emails, and the Service Desk and Incident Tracking System.
  • Conduct monitoring and analysis activities
  • Utilize network-based intrusion detection systems and other Security Information tools such as Event Management solutions (SIEM/Splunk) and Network Security Management solutions (such as Skybox Security, CISCO IPS/IDS, and Nessus) for the assessment, identification, and remediation of the incidents.
  • Support Incident Management and Response requirements across the security incident lifecycle phases.
  • Perform ad-hoc searches for suspect activity and reverse engineering of malicious software.
  • Provide investigation, review, and recommendation documentation as necessary.
  • Support development of reports and documentation including SOC Improvement Plan, Security Incident Reports, Program Status Report with reporting against Objectives and SLAs, Shift Change Reports, Measurable Activities Report (WAR), SOC Playbook updates,Incident Escalation Reports, daily Monitoring Reports
  • Cross-train with Network O&M/Telephony/Mobile Computing Management to assist the monitoring of all communications connectivity (e.g., VSAT, DTS-PO, VPN, SD-WAN, MPLS, and TICs), as well as the devices that terminate communications links, to ensure uninterrupted communications and in the event of a failure, provide rapid identification and resolution of problems per defined SLAs.
  • Monitor the wireless network infrastructure; networks used by software development teams; bandwidth utilization and availability of communications links; and LAN device security logs, identifying and ascertaining the nature of potential security violations, and protocol configuration, route table maintenance, and alternate path mechanisms.

                                   

This role is contingent upon contract award. 

Qualifications

Basic Qualifications:

  • Must have minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD; or years of direct experience may be substituted in lieu of degree.
  • Certified SOC Analyst (CSA) designation by the EC-Council
  • Experience and knowledge of networking, TCP/IP protocols, network topology, network directory services.
  • Experience with server operating systems, and understanding of operating system fundamentals, including Windows and Linux
  • Understanding of security controls for common platforms (Windows, Linux, & network equipment)
  • Experience implementing and monitoring security controls.
  • Experience configuring and utilizing monitoring/logging and security analysis solutions
  • Ability to support an operational environment that operates 24x7x365
  • U.S. Citizen; Ability to obtain and maintain a U.S. Secret Security Clearance

Preferred Qualifications:

  • Active Secret Security Clearance.
  • At least 3 years' experience working in a SOC environments or cybersecurity-related environment
  • Experience leading incident response activities (Prepare, Identify, Contain, Eradicate, Recover)
  • Experience using Security Operations (Sec Ops) tools, including any of the following: MTIPS, E3a, CASB, Qualys, Palo Alto Firewall, Palo Alto Panorama, Trellix, ForeScout CounterAct, HoneyPots, Google DLP, Entrust Identity Guard, Infoblox, KeePass, McAfee Antivirus, McAfee EPolicy Orchestrator, Microsoft Active Directory Certificate Services, Microsoft System Center Configuration Manager (SCCM), RSA token, RSA Archer, SailPoint, Skybox, Splunk, Syslog, Tenable Nessus, Thales, Valimail Enforce, VMWare AirWatch, Zimperium, EntryPoint, Tanium
  • Knowledge of scripting languages (e.g., PowerShell, Python, Yara, SNORT, EQL)
  • Amazon Web Services Cloud experience
  • Experience working programs using ITIL v. 4 and/or Agile framework for Service Management
  • Experience with the cloud-based workflow automation platform ServiceNow

Benefits:

 

At Peraton, our benefits are designed to help keep you at your best, beyond the work you do with us daily. We are fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way

 

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.
SCA / Union / Intern Rate or Range

EEO

An Equal Opportunity Employer including Disability/Veteran.

Our Values

Benefits

At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We’re fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.

  • Paid Time-Off and Holidays
  • Retirement
  • Life & Disability Insurance
  • Career Development
  • Tuition Assistance and Student Loan Financing
  • Paid Parental Leave
  • Additional Benefits
  • Medical, Dental, & Vision Care
Happy man with his two children