Tier 2 SOC Analyst

Position Description

Valiant Solutions is seeking multiple Tier 2 SOC Analysts to join our rapidly growing and innovative cybersecurity team!

As a Tier 2 SOC Analyst, you'll be a key member of our 24x7x365 cybersecurity operations center. This role involves a 4x10 shift schedule (4 days a week, 40 hours), and the ideal candidate must be flexible to support any shift for additional coverage when needed. In this role, you and your team will manage and respond to escalated alerts, notifications, and communications, leading incident response activities from tracking and stakeholder communication to remediation, recovery, and thorough reporting. You'll ensure all reports are accurately entered into our incident tracking system and coordinate closely with reporting entities for full event understanding. Success in this position requires expertise in cybersecurity incidents, anomaly analysis, log analysis, digital forensics, and common threat vectors to comprehend reports and determine necessary response actions. You'll strictly follow established SOPs, policies, and procedures for escalation and notification, including to Federal Leadership. The ideal candidate must also possess a strong understanding of Splunk SIEM and be proficient in supporting forensic tools.

Named one of the Best Places to Work in the Washington DC area for 11 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!

This position allows for 100% remote work. Remote work necessitates a high-level trust in our employees and we strictly adhere to the details found below in our Remote Work Policy. 

Required Experience:

• US Citizenship and must be able to pass a background investigation (Public Trust - High)
• 4+ years of Information Technology experience 
• Bachelor's in Science in Computer Science, Information Systems, Mathematics, Engineering, or a related degree OR an additional 2+ years of relevant experience
• Cybersecurity certifications are preferred but not required
• Excellent organizational, verbal, presentation/facilitation, and written communication skills. Comfortable presenting briefings to the client.
• Demonstrate proficiency in the Incident Response Process and SOC operations and a good understanding of threat hunting
• Good understanding of system log information and where to collect specific data/attributes as required for the Incident Events
• Operational understanding of enterprise networking and security tools (firewalls, Antivirus, HIDS, IDS/IPS, proxy, WAF), Windows and Unix/Linux systems’ operations
• Experience performing log analysis and reporting
• Experience creating and tracking investigations to resolution
• Experience with Endpoint security solutions, including but not limited to Windows Defender, Tanium, FireEye Solutions, Antivirus Solutions, and EDR Tools
• Understanding of compliance or regulatory frameworks (i.e., FISMA, NIST, ISO)
• Solid understanding of the application, authentication, network security principles, and operating system hardening techniques
• General knowledge of cyber-attack frameworks (MITRE ATT&CK and Lockheed Cyber Kill Chain)
• Understanding of Computer Network Defense (CND) policies, procedures, and regulations
• SIEM monitoring and analysis, analyzing network traffic, log analysis, prioritizing and differentiating between potential intrusion attempts and false alarms
• Ability to work with or support senior leaders to understand risk factors and communicate effective mitigation strategies
• Ability to work independently to address and resolve a security incident with minimal supervision

Responsibilities

• Actively participate and provide support in all phases of security incident response, including tracking, stakeholder communication, remediation, and recovery
• Perform Level 2 triage of incoming incidents, providing initial assessment of priority, determining incident nature and risk, and appropriately routing security or privacy data requests
• Conduct comprehensive incident response analysis leveraging expertise in cybersecurity incidents, anomaly analysis, log analysis, digital forensics, and common threat vectors
• Utilize Splunk SIEM and support forensic tools to monitor, investigate, and correlate security events
• Ensure all incident details are accurately entered into the incident tracking system
• Develop detailed incident reports during and after incidents, outlining mitigation, recovery, and operational return-to-normal actions
• Record and report all incidents in adherence to Federal and department policies
• Create and track network incidents and investigations through to closure
• Coordinate with reporting entities (e.g CISA) to fully understand event details and facilitate effective communication with stakeholders
• Serve as key personnel for Incident Management, providing coordination, task assignment, and process guidance for incident response events
• Strictly follow established SOPs, policies, and procedures for timely escalation and notification of Federal leadership and reporting
• Actively participate in the remediation and recovery of incidents generated by live threats against the enterprise
• Review, revise, and recommend enhancements to technical, process, and physical security controls
• Develop and implement defensive cyber best practice tactics, techniques, and procedures to strengthen our security posture.
• Manage assigned investigations, ensuring active progress, and assist Tier 1 analysts as needed to resolve investigations

About Valiant Solutions

Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you’ll learn to think quickly on your feet and expand your own personal and professional skill set. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect – and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.

Benefits Snapshot (includes, but not limited to)Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time EmployeesValiant contributes 25% towards Health Coverage for Family and Dependents100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees100% Paid Certifications401K Matching up to 4%Paid Time OffPaid Federal Holidays Paid Time On – 40 hours to pursue innovationWellness & Fitness ProgramValiant University – Online Education and Training PortalReimbursement for Public Transit and ParkingFSA programs for: Medical Costs, Dependent Care, Transit, and ParkingReferral Bonuses

The salary range for this position is a general guideline and not a guarantee of compensation or salary. It has been benchmarked in relation to the scope of the role, market rate, and internal equity. The salary for this role is expected to be in the $100,000 - $125,000 range. Where a candidate falls within the band can be determined based on one or more of the following: skillset, experience level, achievements, education, geographic location, security clearance, involvement in corporate tasks, and other non-discriminatory factors. In addition to the base salary, this role will include benefits as described above.  Valiant reserves the right to adjust the salary range, experience requirements, and position responsibilities at any time without prior notice. 

Remote Work Policy 

Remote work necessitates a high level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that align with those of their coworkers and Valiant's clients. In alignment with Valiant's inclusive and engaging environment, cameras are encouraged and can be required to be on during virtual video conferences. Additionally, in alignment with the Office of the Inspector General’s effort to eliminate conflicting employment, all Valiant employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval.  Employees may not solicit or conduct any outside business during core business hours for Valiant Solutions and our clients.

Equal Employment Opportunity

Valiant Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, genetic information, marital status, or veteran status, in accordance with applicable law.

Physical Demands

Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

Authorization to Share Resume and Personal Information

By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

#LI-JM1