Junior SOC Analyst

Looking for an exciting opportunity to make an impact as a Security Operation Center Analyst?

Leidos has an exciting Junior SOC Analyst position located in Baltimore, MD.
 
Our Security Operations Center Analyst will work with an elite team of IT professionals to maintain an optimal environment for critical systems. We are looking to hire a Junior SOC Analyst to provide a full range of cyber security services on a multi-year contract in Baltimore, MD. The position is full-time/permanent and will support a US Government civilian agency.

The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Morning Shift (Sunday-Wednesday, 6am-4pm EST).

Primary Responsibilities

• Perform hunting for malicious activity across the network and digital assets
• Respond to computer security incidents and conduct threat analysis
• Identify and act on malicious or anomalous activity
• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity
• Perform detailed investigation and response activities for potential security incidents
• Provide accurate and priority driven analysis on cyber activity/threats
• Perform payload analysis of network packets
• Recommends implementation of counter-measures or mitigating controls
• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
• Create and continuously improve standard operating procedures used by the SOC
• Resolve or coordinate the resolution of cyber security events
• Monitor incoming event queues for potential security incidents
• Create, manage, and dispatch incident tickets
• Monitor external event sources for security intelligence and actionable incidents
• Maintain incident logs with relevant activity
• Document investigation results, ensuring relevant details are passed to SOC Lead, Incident Management team and stakeholders
• Participate in root cause analysis or lessons learned sessions

Qualifications

• 2+ years of relevant IT experience with at least 1 year in information security operations
• High school diploma or higher
• Must have familiarity with US-CERT Federal Incident Notification Guidelines
• Knowledge of log, network, and system forensic investigation techniques
• Experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, or intrusion prevention/detection logs
• Knowledge or experience conducting intelligence-driven defense using the MITRE ATT&CK framework and Cyber Kill Chain (CKC)
• Diverse knowledge base of operating systems, network protocols, system administration, and security technologies
• Knowledge of TCP/IP Networking and the OSI model
• Experience creating actionable tickets from alerts from a range of security tools and/or SIEM technologies
• Excellent problem-solving, critical thinking, and analytical skills with the ability to de-construct problems
• Strong customer service skills and decision-making skills

CLEARANCE REQUIREMENTS:

• Must be able to obtain and maintain a Public Trust security clearance prior to start
• United States Citizenship is required

Preferred Qualifications

• Bachelor’s degree in Computer Science or related field
• Certifications: CompTIA Security+, SANS GCIA/GNFA/GCIH, EC-Council CEH                                                                                                                                                                                                                       
• Experience working in a Security Operations Center (SOC) environment
• Experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Experience with packet analysis (Wireshark) and malware analysis
• Experience monitoring threats via SIEM console
• Experience with Splunk, Crowdstrike, and Akamai WAF
• Familiar with AWS cloud environments, architecture, and services
• Experience with proprietary and open-source deception technologies and platforms
• Experience with technologies such as Snowflake and Panther Cloud
• Experience using ServiceNow

Our target salary for this position is $60,000 to $65,000 per year.

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.