SOC Engineer Tier 1/2

If you’re seeking a sense of community and the ability for growth, look no further. Since 1982, we have been 100% dedicated to our people. Our approach permits greater ownership for individuals and welcomes input into decisions for a thriving workplace and happy employees. Our people are the core reason for AIS’ success. As an employee owned company, we are looking for individuals that are passionate about finding innovative solutions, and excited about emerging technologies and capabilities.

Introduction:

As a SOC Engineer Tier 1-2 you will use cutting-edge cloud technologies to ensure secure operations for our clients. Ensure that large-scale Azure and M365 environments are secure and that security events are quickly identified and resolved. Build comprehensive security alerts and monitoring tools and dashboards to gauge the operational security of system components. Implement innovation to improve efficiency of Azure security related activities. Serve as point of escalation for challenging and complex security issue resolution. Join our team of security operations cloud professionals and accomplish what others only dream of. 
This is a day shift position, but you must be willing to fill in on nights and weekends as needed.
 

What You'll Be Doing  

• Review the environment scoping information and inventory to ensure a deep understanding of the organization's business, its applications, and technical solutions. 

• Be well versed in the areas of focus on the security roadmap and have an understanding of how they will be implemented and impact the work that the Security Operations Center staff will have to take up. 

• Provide the SOC with an understanding as to the mapping between IT & organization security and how it relates to the responsibilities and tasking that the SOC has. 

• Ensure that the SOC team is focusing on education based on preventative maintenance and roadmap capabilities. 

• Participate in audit reviews to ensure that gaps in coverage are being addressed by the SOC team. 

• Support the creation of reporting templates, explain how they are used and generated and the expectation regarding their cadence.  Create a process where the reports are reviewed and feedback loops provide the ability to improve them. 

• Specialize in SIEM configuration and maintenance. 

• Responsible for building the security architecture and systems 

• Work with development operations teams to ensure that systems are up to date. 

• Document requirements, procedures, and protocols to ensure that other users have the right resources 

• Work with customers on complex operational issues 

Location and Travel Details  

Springfield, VA

Security Clearance and Citizenship Requirements 

TS/SCI with CI Polygraph is required

Skills required for this opportunity 

• 3 + years of experience in security engineering to operate M365 and Azure platforms 

• Security + certification 

• Experience in Azure and M365 environments 

• Good experience in a variety of SOC engineering/ administration tools 

• Handles daily alerts, incidents; monitors, tracks, analyzes and records. 

• Work with other IT professionals to resolve fast moving vulnerabilities such as spam, virus, spyware and malware. 

• Monitor security vulnerability information from vendors and third parties. 

• Strong engineering analysis ability 

Other applicable skills for this opportunity 

• Provide technical guidance / recommendations to clients to enhance their overall security posture within the managed products. 

• Work with vendors, outside consultants, and other third parties to improve information security within the organization. 

• Advanced Forensics skills to evaluate current malware and phishing threats. 

• Familiarity with Microsoft Azure Sentinel and Microsoft Defender Suite 

• Experience with SOC capabilities using tools like Azure Monitor, Azure Sentinel, Azure Automation, Azure Backup, Azure Security Center, etc.  

• Apply these capabilities to IaaS and PaaS services such and VMs, Azure Service Environment ASE, Azure Kubernetes Service AKS, Spring Cloud, Azure Virtual Desktop, etc.  MSFT: SC-200, SC-900, AZ-900, AZ-500 

Applied Information Sciences is an Equal Opportunity Employer and does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis covered by law. Employment decisions are based solely on qualifications, merit, and business need.