Parsons Corporation SOC Security Analyst (RESPOND)-Remote in Centreville, Virginia
Minimum Clearance Required to Start:
SOC Security Analyst- (RESPOND)
Colorado Springs, CO
Neither snow, nor rain, nor heat, nor gloom of night will prevent you from getting the job done
You have a rare and valuable quality: persistence. You do whatever it takes to get the job done, including exercising admirable patience, putting in the time, and adopting Plan B or Plan C if Plan A isn't working. Our organization will value and reward your determination. Don't give up until we get in touch!
The SOC Analyst (RESPOND) performs in-depth computer security investigations and takes the required actions per the documented Incident Response lifecycle. This position requires knowledge and experience in areas including security threats and tools, attack methodologies, operating systems, networking, and incident response (containment, eradication, and recovery of affected assets). The analyst determines and pursues the course of action necessary to obtain desired results and makes recommendations and changes to departmental policies and procedures. The focus for the SOC Analyst is the corporate network, but the analyst may also contribute to the cyber security of classified environments. The incumbent should have the experience and ability to write policies, standards, and procedural documents.
Perform Incident triage, to include determining scope, urgency, and potential impact
Perform Incident Response actions to mitigate immediate and potential threats
Receive cases from the DETECT team and perform deep-dive investigations to determine root cause
Work with IT and other units as needed to resolve Incidents, acquire necessary details, and ensure the Incident has been documented appropriately
Produce status updates on all open Incidents and Post-Mortem Reports as required
Remotely access machines to conduct malware eradication and remove unauthorized software
Correlate Incident data to identify specific risks and make mitigation recommendations
Monitor external data sources (e.g., vendor sites, US-CERT) to maintain knowledge of threat condition and evaluate security issues that may have an impact on the enterprise
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and Intrusion Detection System [IDS] logs) to identify possible threats to network security
Perform forensically sound collection/storage of digital evidence and maintain chain of custody
Perform real-time Incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Process
Track and document incidents from initial detection through final resolution
Write and publish Incident reports and recommendations for senior leadership
Author SOC documentation including reports, procedures, policies, and playbooks
Contribute to weekly/monthly/annual cybersecurity briefings
Serve as technical expert and liaison to law enforcement personnel and explain Incident details as required
Teach and mentor junior analysts in RESPOND and across the SOC
It's 'all for one and one for all' in our organization
Supportive team effort is the way to go. Our inclusive workplace demonstrates that when you support each other, there are fewer errors, issues are resolved with comradely communication, and work is shared when necessary to get the job done. It's a wonderful arrangement, and every member of our diverse staff feels the strength of this unity. We include, respect, and look to promote every deserving individual. If you can give and receive support, you'll find a like-minded group with us.
A Bachelor's Degree in computer engineering, computer science, or another closely related IT discipline
At least 3 years' experience in cyber security analysis or Incident Response in a Security Operations Center (SOC) or Computer Emergency Response Team (CERT) environment
Familiarity with CJCSM 6510.01B, and with various network and host-based security applications and tools such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages. Host-based forensics and malware analysis experience desirable
One of the following certifications is required: CompTIA Security+ or CISSP (Certified Information Systems Security Professional)
One of the following certifications is desired:
GCFA (GIAC Certified Forensic Analyst)
GCIA (GIAC Certified Intrusion Analyst)
CISSP (Certified Information Systems Security Professional)
GCIH (GIAC Certified Incident Handler)
EnCE (EnCase Certified Examiner)
MCFE (Magnet Certified Forensic Examiner)
GCFE (GIAC Certified Forensic Examiner)
GREM (GIAC Reverse Engineering Malware)
GNFA (GIAC Network Forensic Analyst)
Excellent interpersonal, organizational, writing, and briefing skills
Strong analytical and problem-solving skills
In-depth knowledge of TCP/IP networking and network protocols
Real-time network monitoring using Security Information and Event Management (SIEM)
Experience with raw packet analysis (PCAP)
Broad knowledge of security appliances (Intrusion Detection System, Intrusion Prevention System, Firewalls, Proxies, etc.) to include how the devices work and associated limitations
Experience using a broad variety of network defense/monitoring tools in the context of an analyst
Experience using specialized forensic tools to acquire and examine evidence
Experience analyzing and correlating information from multiple sources to determine Event/Incident root cause, scope, and impact
Experience making false positive determinations vs real world threats
Basic understanding of scripting languages and syntax
Computer Intrusion methodology, and intrusion analysis/investigation methodology
Experience creating consumable and relevant reports from large amounts of data
Must be a US citizen and have the ability to obtain a government security clearance
We foster great, team-spirited collaborations
Our organization is truly a diverse community that's open for everyone to participate in making a difference. If you want your insights and ideas to be heard and possibly enacted for your advancement and ours, you'll feel at home here. We value diversity in all its forms, and so here, you will find no limits to your professional growth. We welcome you into the process of exchanging ideas with work that is both stimulating and profitable.
Parsons (NYSE: PSN) is a leading technology firm driving the future of defense, intelligence, and critical infrastructure. By combining unique technologies with deep domain expertise across cybersecurity, missile defense, space, connected infrastructure, and smart cities, we're providing tomorrow's solutions today. With a history of disruption beginning in 1944, we apply our distinct perspective to help our customers confront the issues of tomorrow in every domain: land, sea, air, space, and cyber. Our range of capabilities and our global network of resources lets us layer and integrate solutions to respond to any challenge with unmatched agility. In a time of rapid change, we see infinite sources of inspiration to fuel our creativity and enable the innovation necessary to accomplish our quest of delivering a better world. For more about Parsons, visit us at parsons.com and follow our quest on Facebook (https://www.facebook.com/parsonscorporation), Instagram (https://www.instagram.com/parsonscorporation/), Twitter (https://twitter.com/parsonscorp), and LinkedIn (https://www.linkedin.com/company/parsons/).
The anticipated annualized full time target compensation (median) for this position is: $100,000.00. Benefits for this position include: medical, dental, vision, paid time off, Employee Stock Ownership Plan (ESOP) and 401K.
Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+. All qualified applicants will receive consideration for employment without regard to an individual’s race, color, religion, national origin, ethnicity, union affiliation, age, sex, sexual orientation, gender identity and expression, pregnancy, employable physical or mental disability, veteran status, genetic information, immigration status, or any other basis protected by all applicable laws.