Gray Tier Technologies

SOC Analyst Journeyman

Full-Time in DC, US - Associate

Gray Tier Technologies is seeking a SOC Analyst (Level 2) with a Secret level clearance to support our DOI customer's Security Operation Center in DC or Reston Virginia.

The Department of the Interior (DOI) protects America’s natural resources and heritage, honors our cultures and tribal communities, and supplies the energy to power our future. The DOI’s Office of the Chief Information Officer (OCIO), Cyber Security Division, is charged with protecting DOI’s information systems from ever-evolving cyber threats. The Cybersecurity Branch continuously evolves, develops, and updates its cybersecurity capabilities in order to mitigate constantly evolving threats most effectively.

Responsibilities and requirements:

  • Associate or Cybersecurity certification, or certification in systems administrator, network certification, etc.
  • Minimum 2 years of experience
  • Tier II Security Operations Center (SOC) Analyst.
  • The Monitoring and Analysis support personnel shall participate in a variety of Information System Security (ISS) activities, including monitoring of systems status; escalating and reporting potential incidents; creating and updating incident cases and tickets; analyzing and applying various antivirus, network and host-based intrusion detection, Digital Media Analysis (DMA), and vulnerability assessment tools, techniques and procedures; authoring and implementing custom detection content; tuning Security Information and Event Management (SIEM) and Intrusion Detection System/Intrusion Prevention System (IDS/IPS) events to minimize false positives; process improvement; data management; and coordination and reporting of ISS-related incidents.
  • Performs network security monitoring and incident response for a large organization, coordinates with other government agencies to record and report incidents.
  • Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
  • Monitors Security Information and Event Management (SIEM) to identify security issues for remediation.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • The contractor shall provide Monitoring and Analysis support to actively review all SOC data feeds, analytical systems, sensor platforms, and output from other SOC tool products.
  • The contractor shall also provide written and oral reports of findings to their Federal Task Lead (FTL), DOI SOC Manager, for further investigation or for action.
  • The contractor shall investigate and positively identify anomalous events that are detected by security devices or reported to the SOC from external entities, DOI components, system administrators, and the user community, via security monitoring platform and tools, incoming phone calls, and emails.
  • The Monitoring and Analysis support personnel shall also be required to participate in assembling, evaluating, installing, and maintaining various intrusion detection sensors and associated software applications.
  • The Monitoring and Analysis support group shall provide informal investigation, review, and recommendation documentation as necessary.
  • Deliverables for Monitoring and Analysis Support include, but are not limited to, summary informal reports based on security event analysis and Technical Evaluation Reports (TER).