CSOC Tier 2 Analyst

Rockville, MD, USA

Applications have closed

CSOC Tier 2 Analyst

**Immediate Requirement**

**Onsite**

CSEngineering is looking to add a CSOC Tier 2 Analyst to our growing team! As the Cyber Security Operations Center (CSOC) Tier 2 Team Lead, you are responsible for overseeing and managing the activities of the Tier 2 Team in our client's Security Operations Center. Your role involves leading a team of security analysts and engineers who monitor, detect, analyze, and respond to security incidents and threats in an organization's IT environment at the Tier 2 Level. You play a critical role in analyzing and resolving cyber threats or escalating incidents for Tier 3 response as necessary. Leadership skills, technical expertise, and a deep understanding of cybersecurity concepts are essential for success in this role.


JOB RESPONSIBILITIES


· Respond promptly and effectively to security incidents and threats discovered by CSOC Analyst Level I and carry out effective Level II analysis of incidents.

· Remediation of incidents and escalation when necessary to Tier 3 support

· Initial assessment of the scope of the attack and affected systems

· Accurately document cases during investigations and effectively communicate findings to Level I Analyst or escalation team to ensure complete handover of work streams.

· Continuously improve incident management processes through periodic threat hunting exercises, knowledge optimization effort building, and by comprehensive diagnosis and analysis of incident trends.

· Follow the issue tracking, escalation policies and work effectively across all CSOC tiers as the technical competence requires.

· Dedicated monitoring and analysis of cyber security events by use of SOC tools

· Incident Response generation and reporting IAW established procedures.

· Provide Level II technical support in CSOC operations and activities.

· Provide daily/weekly updates on CSOC operations and developments.

· Conduct Forensic analysis and respond to data call activities.

· Generate quality technical reports containing methodologies, findings, and recommendations.

· Work with external stakeholders to understand operational needs and develop effective processes.

· Maintain a current understanding of industry trends, emerging cyber threats, and new solutions which may impact CSOC activities.

· Collaborate with CSOC SME to ensure optimal performance using CSOC technology.

· Identify, reverse engineering and de-obfuscating digital content related to an incident.


REQUIRED CERTIFICATIONS AND QUALIFICATIONS

· Bachelors in information technology, Computer Science, or a related field; or relevant, commensurate work experience.

· 5+ years of experience within a Level Tier 2 cybersecurity environment; experience in a leadership role is preferred.

· Robust Certification Portfolio including Security+, Network+, CEH, Azure or Cloud Certification, and Splunk Core Certified Power User.

· Ability to work a day or night shift rotational schedule.

· Vulnerability/cyber incident management framework.

· Experience with advanced technologies such as: Splunk SaaS, Splunk Enterprise Security, Splunk SaaS UBA, Crowdstrike, Tenable, Forescout, zScaler, Bigfix, MaaS-360 (IBM MaaS-360), and Encase for forensic investigations, Fireeye, Cortex XSOAR, Cortex XDR, and Prisma-Access.

· Prior HHS experience a plus.

Location: Parklawn Drive, Rockville MD (Onsite)

COMPANY OVERVIEW

CSEngineering is a Service-Disabled Veteran Owned small business that was founded in 2002 with the mission of being the best engineering and services firm in our industry while achieving the highest level of client satisfaction. CSEngineering has significant past performance with satellite systems, weapons and missile systems, naval architecture and engineering, aviation systems, and IT and Enterprise Architecture. We have come a long way since we were founded and now also provide services with focuses on logistics, item management, administration, equipment specialization, program management, configuration management, financial management, LAN operations, information technology and maintenance, development and operation of missile system laboratories, the operation of data collection systems, database, and information management support, demilitarization processes and DevSecOps. We could not achieve this without the dedication of our employees to their work and the clients we serve. Additionally, CSE is a Hire Vets Gold Medallion award recipient. The HIRE Vets Medallion Award is the only federal-level veterans' employment award that recognizes a company or organization's commitment to veteran hiring, retention, and professional development. CSEngineering truly values its people, wants them to love their jobs, and to build their careers with us. We are forever dissatisfied with status quo and are always looking for a better way to do things, not so much out of competitiveness, but out of a desire to simply be THE BEST and to lead our industry.

CSE offers a competitive salary and comprehensive benefits package, including medical, dental, life, disability, 401k, and paid time off.

CSE is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity and veteran status. #dice

Job stats:  1  0  0
Category: Analyst Jobs

Tags: Azure CEH Cloud Computer Science CrowdStrike CSOC DevSecOps EnCase Incident response Monitoring Reverse engineering SaaS SOAR SOC Splunk XDR XSOAR

Perks/benefits: Competitive pay Team events

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.