Digiflight, Inc. is seeking a SOC Support Specialist to work with an elite team of IT professionals to maintain an optimal environment for critical systems. We are looking to hire a Cyber Security Analyst to provide a full range of cyber security services with a focus on monitoring and responding to alerts of high or critical findings within Intrusion Detection and Security logs using state of the art security systems for detection and response. This includes everything from threat prevention to security infrastructure design to incident detection and responsibilities.
Primary Responsibilities
a) Tracks and analyzes activity on servers, endpoints, networks, applications, databases, websites on other technology systems
b) Provides a critical layer of analysis needed to seek out any irregular activity that could suggest a security incident
c) Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
d) Operate security monitoring, investigation, and reporting tools
e) Provide daily operational oversight of incidents and alerting from multiple platforms
f) Own technical development in one or more of the following areas: Detection, Cyber Intelligence, Monitoring, Analysis
g) Create, manage, and dispatch incident tickets associated with deception detections and alerts
h) Identify necessary tools or processes to improve the efficacy of the team
i) Receive, analyze, and respond to alerts, to include after hours, holidays, and weekends during incidents or priority events
j) Coordinate with Managed Security Service Provider(s) to investigate events and incidents
k) Design and coordinate the build out of the Security Operations Center processes and procedures
l) Develop and maintain the Security Operations Center framework
m) Augment detection capabilities of the SIEM tool
n) Provide security reports and metrics
o) Perform incident identification and triage according to NIST standards
p) Assist with annual Security Incident tabletop testing
q) Perform network and host forensics in response to security events and incidents
r) Analyze malware and other attacker Tactics, Techniques, and Procedures in response to security events and incidents
s) Provide on-the-job training, mentoring, and guidance/oversight for new and/or junior analysts
t) Perform threat hunts in addition to developing and maintaining threat hunting strategies
u) Maintaining understanding of current events, latest threats, and industry trends relating to information security
Basic Qualifications
a) Knowledge of basic IT and cybersecurity procedures and frameworks, or a closely related field as normally obtained through the completion of a High School Diploma / Bachelor's Degree in Computer Science, Engineering, or a related technical field (or commensurate experience)
b) Offer Experience should include leading and coordinating incident response efforts in relation to information security events, chronologically summarizing incidents and document incident reports, leading analysis, and remediation efforts among various teams within the organization, managing process documentation, providing metrics to leadership, standing up meetings and incident coordinating for information security incidents
c) Strong analytical ability
d) Ability to apply critical thinking skills
e) Customer service orientation is essential
f) Effective communication and written skills
g) Ability to lead and independently triage, analyze, and respond to information security alerts, including decision-making
h) Knowledge of information security standards and industry best practices
i) Experience writing reports and documenting events/incidents/investigations
j) Builds constructive relationships with internal and external stakeholders, and mentors security operations analysts
k) An aptitude for learning is also critical for success in this role, as well as a demonstrated ability to adapt to the changing demands of business
l) Tracks and analyzes activity on servers, endpoints, networks, applications, databases, websites and other technology systems
m) Provides a critical layer of analysis needed to seek out any irregular activity that could suggest a security incident
n) Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies
o) Familiarization with the following tools:
1. Symantec BlueCoat
2. Cyber Ark
3. CounterAct ForeScout
4. McAfee ePO
5. Cisco FirePOwer
6. Sailpoint IdentityIQ
7. RedSeal
8. Impreva SecureSphere
9. RSA Netwitness
10. Tenable.sc
11. Splunk
12. NetworkCritial TAPs
13. Authentic8 Silo
14. Proofpoint
15. CentryLink DDos Protection
a) ISACA Certified Information Security Manager (CISM) Certification
b) One or more technical security certifications:
1. GCIH - GIAC Certified Incident Handler
2. SSOC - GIAC Security Operations Certified
3. GMON - GIAC Continuous Monitoring Certifications
Candidate must have an active TS/SCI
Candidate must be a US citizen
Candidate must have a MA/MS degree with a minimum of 3 years of experience. This may be substituted with a BS/BA degree and a minimum of 6 years of total experience.
Our People
DigiFlight attracts the most highly skilled workforce to protect some of our nation's most sensitive systems. Before joining the company, many DigiFlight professionals served our country in a civilian and/or military capacity. Our diverse team provides innovative solutions as they support critical clients in tackling tough challenges. Most importantly, our team is passionate about their work and making a difference.
Our corporate culture promotes a healthy work/life balance.
Our Benefits
DigiFlight's competitive benefits package allows employees to manage their personal and professional portfolios through a variety of features and programs. Our benefits include:
Health, Dental, Vision, and Flexible Spending Account
Paid Time Off (PTO)
11 paid holidays
Tuition Education Assistance
Professional Development
401(k) retirement plan
Life insurance and short- and long-term disability insurance
Employee Referral Program
Marketing Incentive Plans
DigiFlight, Inc. (DFI) is an Affirmative Action, Equal Opportunity Employer. DFI offers a highly competitive, family-oriented benefits package.
Job ID
2627
Security Clearance
TS/SCI
Go to job list