Security Operations Center (SOC) Tier II Analyst

Job Location: Morrisville, NC (currently 100% remote)

Shift: Monday - Friday, 7am- 4pm (or) 9am-6pm

Overview:

NikSoft Systems Corporation is a recognized Information Technology solutions provider. Founded in 1998 and based in Reston, Virginia, NikSoft is a CMMI Level 3 Certified company with an established reputation for excellence and on-time delivery with a consistently high customer satisfaction rating from its Federal Government and private consulting contracts.

Team: Cybersecurity Operations

NikSoft is currently conducting a search for a professional and experienced SOC Tier II Analysts to add to its team in support of the United States Postal Service. The candidate will have expertise in managing cybersecurity risks and incidents in a large-scale enterprise environment.

Responsibilities:

• Identification of Cybersecurity problems which may require mitigating controls
• Analyze network traffic to identify exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and or intrusion related attempts
• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
• Escalate items which require further investigation to other members of the Threat Management team
• Execute operational processes in support of response efforts to identified security incidents
• Responsible for monitoring, reviewing, and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC).
• Duties include performing threat detection and analysis, investigating suspicious activity, coordinating incident response efforts, and implementing remediation actions.
• The role also involves tuning security policies, maintaining visibility into cloud and endpoint environments, and supporting continuous improvement of the organization's security posture
• Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
• Keeps management informed with precise, unvarnished information about security posture and events
• Promotes standards-based workflow both internally and in coordinating with CISA
• Engages with other internal and external parties to get and share information to improve processes and security posture
• Leads analyzing/investigating reports or anomalies

Required Qualifications:

• Associate's Degree in Computer Science or related field; Bachelor's degree preferred
• 3+ years IT security experience
• 2+ years' experience in network traffic analysis
• Strong working knowledge of:
  • Boolean Logic
  • TCP/IP Fundamentals
  • Network Level Exploits
  • Threat Management
  • Regular Expressions
• Knowledge of Control Frameworks and Risk Management techniques
• Excellent oral and written communication skills
• Excellent interpersonal and organizational skills
• Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
• Strong understanding of common IDS/IPS architectures and implementations
• Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
• Azure and GCP O365/Microsoft 365 experience required

Desired Skills:

• Splunk experience, developing queries
• Cloud monitoring experience is a plus
• Excellent writing skills
• Comp TIA Security+

****Candidates must be able to obtain a Postal Sensitive Clearance (US Citizenship or Green Card required). Additionally, candidates must not have traveled outside of the USA for a combined period exceeding 6 months within the last 5 years.***