Security Operations Center (SOC) Analyst (Tier III)

Washington, DC

Applications have closed
Description

About Zen:  

Own your opportunity to work with a client-focused agile small business. Make an impact by advancing our government organizations charged with keeping our country safe, prosperous, and secure. Zen Strategics, LLC is a cleared, minority-owned SBA 8(a) specialized consulting firm, offering innovative Cybersecurity, Cloud Migration, and Information Technology Modernization. We are a leading organization committed to delivering innovative solutions and ensuring the highest standards of security for our customers' digital assets. We are dedicated to staying ahead of evolving cyber threats and protecting our clients' data with cutting-edge technologies and proactive security measures.


Position Description:

Seize your opportunity to make a personal impact as a Tier III SOC Analyst. Zen is your place to make meaningful contributions by joining our dynamic team of cybersecurity professionals. As a Tier III SOC Analyst, you will play a critical role in safeguarding our clients' infrastructure by leading the response to complex security incidents and advanced threats. You will utilize your in-depth knowledge of networks, security tools, intrusion detection systems, forensics, and incident response techniques to analyze, triage, and remediate security events. Your expertise will be essential in conducting root cause analysis, developing mitigation strategies, and implementing countermeasures to prevent future incidents. Additionally, you will mentor junior analysts, contribute to the development of SOC processes and procedures, and collaborate with cross-functional teams to enhance our security posture. If you are passionate about defending against cyber threats and have a proven track record in a SOC environment, this is the opportunity to elevate your career with Zen. Join us to protect what matters most. 

Requirements

 

Responsibilities:

As a Tier III SOC Analyst, you’ll be Zen’s frontline expert in advanced threat detection, incident response, and proactive defense strategies. You will be responsible for conducting deep-dive analyses of complex security incidents, identifying and mitigating sophisticated threats, and providing actionable recommendations to enhance the organization's security posture. Your role will involve leading incident investigations, collaborating with other cybersecurity teams to coordinate response efforts, and ensuring the continuous improvement of detection and response capabilities. 

You will provide expert analysis as the escalation point for Tier I and Tier II analysts through the use of deep dive analysis of network logs, packet capture, Windows and Linux log data, and other security artifacts. Through this analysis, you will work on incident response as well as refine and tune detections to decrease false positives and increase true positive detections. You will continually work to optimize the Security Information and Event Management (SIEM) to enhance detection capabilities for current and emerging threats, incident response processes, and event correlations through the use of custom detection logic and rule creation.  

Tier III SOC analysts will conduct vulnerability analysis to identify security weaknesses within the network and provide gap analysis for existing security tool sets as well as providing exploit analysis for vulnerabilities and providing defensive measures to prevent attacks.  

You will mentor junior analysts by providing training and guidance to help develop their threat analysis skills and incident response capabilities through the use of side-by-side training, custom scenarios, and team cyber drills / table top exercises created by Tier III, Shift Leads, and the Security Operations Manager. You will work to have a continual knowledge transfer to improve the overall effectiveness of each SOC analyst. Additionally, you’ll be expected to stay current with the latest threat intelligence and emerging attack vectors, continually evaluate and provide recommendations for improvement of the current security posture, and contribute to the overall resilience of Zen's cybersecurity operations. 


Required Education/ Qualifications: 

  • Education: Bachelor's degree; a Bachelor of Science in an Information Technology or Cybersecurity field is preferred. 
  • Experience: 
      • 7+ years of experience in systems/infrastructure security monitoring and response on a variety of technologies (e.g., databases, networks, storage, servers, directories, etc.). 
      • At least two (2) years of experience as a Tier III/3 SOC analyst or in similar work roles. 
  • Certification: Active professional certification(s), in good standing, that satisfy DoD 8570's approved baselines for either CSSP Incident Responder or IAT Level III. 
  • Technical experience: 
      • In-depth knowledge of each phase of the Incident Response life cycle. 
      • Experience with operational toolsets that include, but are not limited to: Azure Security Center, ForeScout, Microsoft Defender products, Microsoft Sentinel, RSA Archer, Forcepoint, Gigamon, Splunk, Tenable Nessus, Palo Alto, Azure Active Directory, Cisco routers and switches, Cisco ASA and NGFW platforms, Cisco ISE, EnCase (or another digital forensic tool), Akamai, a PCAP analyzer, and F5. 
      • Understanding of enterprise network architectures, including routing/switching, common protocols (DHCP, DNS, HTTP), and devices (firewalls, proxies, load balancers, VPN). 
      • Ability to recognize suspicious activity/events and common attacker TTPs, and to perform logical analysis and research to determine the root cause and scope of incidents. 
      • Familiarity with the Cyber Kill Chain, and prior experience utilizing and implementing the MITRE ATT&CK Framework in a previous environment. 
      • Scripting experience with Python, PowerShell, and/or Bash. 
      • Expertise in operating system (Windows/Linux) operations and artifacts. 
      • Strong problem-solving abilities with an analytic and qualitative eye for reasoning. 
      • Exceptional verbal and written communication skills. 
      • Ability to communicate with all levels of audiences (subordinates, peers, and leadership). 

Zen Serenity

  • Flexible work week to own your priorities at work and at home. 
  • 401K with company match 
  • Comprehensive health and wellness packages 
  • Professional growth opportunities including paid education and certifications. 
  • Cutting-edge technology you can learn from 
  • Rest and recharge with paid vacation and holidays 



Zen Strategics is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected class. If you need reasonable accommodation to search for a job opening or to submit an online application, please email accommodations@zenstrategics.com. Only messages left for this purpose will be returned.


Region: North America
Country: United States
