Parsons Corporation Jobs


Job Information

Parsons Corporation SOC Security Analyst (RESPOND)-Remote in Centreville, Virginia

Minimum Clearance Required to Start:

Not Applicable/None

Job Description:

SOC Security Analyst (RESPOND)

Colorado Springs, CO

Neither snow, nor rain, nor heat, nor gloom of night will prevent you from getting the job done

You have a rare and valuable quality: persistence. You do whatever it takes to get the job done, including exercising admirable patience, putting in the time, and adopting Plan B or Plan C if Plan A isn't working. Our organization will value and reward your determination. Don't give up until we get in touch!

Responsibilities:

The SOC Analyst (RESPOND) performs in-depth computer security investigations and required actions per the documented Incident Response lifecycle. This position requires knowledge and experience in areas including security threats and tools, attack methodologies, operating systems, networking, and incident response (containment, eradication, and recovery of affected assets). Determines and pursues course of action necessary to obtain desired results and makes recommendations and changes to departmental policies and procedures. The focus for the SOC Analyst is the corporate network but may also contribute to the cyber security of classified environments. The incumbent should have experience and ability to write policies, standards, and procedural documents.

  • Perform Incident triage, to include determining scope, urgency, and potential impact

  • Perform Incident Response actions to mitigate immediate and potential threats

  • Receive cases from the DETECT team and perform deep-dive investigations to determine root cause

  • Work with IT and other units as needed to resolve Incidents, acquire necessary details, and ensure the Incident has been documented appropriately

  • Produce status updates on all open Incidents and Post-Mortem Reports as required

  • Remotely access machines to conduct malware eradication and remove unauthorized software

  • Correlate Incident data to identify specific risks and make mitigation recommendations

  • Monitor external data sources (e.g., vendor sites, US-CERT) to maintain knowledge of threat condition and evaluate security issues that may have an impact on the enterprise

  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and Intrusion Detection System [IDS] logs) to identify possible threats to network security

  • Perform forensically sound collection/storage of digital evidence and maintain chain of custody

  • Perform real-time Incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Process

  • Track and document incidents from initial detection through final resolution

  • Write and publish Incident reports and recommendations for senior leadership

  • Author SOC documentation including reports, procedures, policies, and playbooks

  • Contribute to weekly/monthly/annual cybersecurity briefings

  • Serve as technical expert and liaison to law enforcement personnel and explain Incident details as required

  • Teach and mentor junior analysts in RESPOND and across the SOC

It's 'all for one and one for all' in our organization

Supportive team effort is the way to go. Our inclusive workplace demonstrates that when you support each other, there are fewer errors, issues are resolved with comradely communication, and work is shared when necessary to get the job done. It's a wonderful arrangement, and every member of our diverse staff feels the strength of this unity. We include, respect, and look to promote every deserving individual. If you can give and receive support, you'll find a like-minded group with us.

PREFERRED EDUCATION/EXPERIENCE:

  • A Bachelor's Degree in computer engineering, computer science, or another closely related IT discipline

  • At least 3 years' experience in cyber security analysis or Incident Response in a Security Operations Center (SOC) or Computer Emergency Response Team (CERT) environment

  • Familiarity with CJCSM 6510.01B, and with various network and host-based security applications and tools such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages. Host-based forensics and malware analysis experience desirable

CERTIFICATIONS:

One of the following certifications is required:

  • CompTIA Security+

  • CISSP (Certified Information Systems Security Professional)

One of the following certifications is desired:

  • GCFA (GIAC Certified Forensic Analyst)

  • GCIA (GIAC Certified Intrusion Analyst)

  • CISSP (Certified Information Systems Security Professional)

  • GCIH (GIAC Certified Incident Handler)

  • EnCE (EnCase Certified Examiner)

  • MCFE (Magnet Certified Forensic Examiner)

  • GCFE (GIAC Certified Forensic Examiner)

  • GREM (GIAC Reverse Engineering Malware)

  • GNFA (GIAC Network Forensic Analyst)

SKILLS/COMPETENCIES:

  • Excellent interpersonal, organizational, writing, and briefing skills

  • Strong analytical and problem-solving skills

  • In-depth knowledge of TCP/IP networking and network protocols

  • Real-time network monitoring using Security Information and Event Management (SIEM)

  • Experience with raw packet analysis (PCAP)

  • Broad knowledge of security appliances (Intrusion Detection System, Intrusion Prevention System, Firewalls, Proxies, etc.) to include how the devices work and associated limitations

  • Experience using a broad variety of network defense/monitoring tools in the context of an analyst

  • Experience using specialized forensic tools to acquire and examine evidence

  • Experience analyzing and correlating information from multiple sources to determine Event/Incident root cause, scope, and impact

  • Experience making false positive determinations vs real world threats

  • Basic understanding of scripting languages and syntax

  • Computer Intrusion methodology, and intrusion analysis/investigation methodology

  • Experience creating consumable and relevant reports from large amounts of data

  • Must be a US citizen and have the ability to obtain a government security clearance

We foster great, team-spirited collaborations

Our organization is truly a diverse community that's open for everyone to participate in making a difference. If you want your insights and ideas to be heard and possibly enacted for your advancement and ours, you'll feel at home here. We value diversity in all its forms, and so here, you will find no limits to your professional growth. We welcome you into the process of exchanging ideas with work that is both stimulating and profitable.

Parsons (NYSE: PSN) is a leading technology firm driving the future of defense, intelligence, and critical infrastructure. By combining unique technologies with deep domain expertise across cybersecurity, missile defense, space, connected infrastructure, and smart cities, we're providing tomorrow's solutions today. With a history of disruption beginning in 1944, we apply our distinct perspective to help our customers confront the issues of tomorrow in every domain: land, sea, air, space, and cyber. Our range of capabilities and our global network of resources lets us layer and integrate solutions to respond to any challenge with unmatched agility. In a time of rapid change, we see infinite sources of inspiration to fuel our creativity and enable the innovation necessary to accomplish our quest of delivering a better world. For more about Parsons, visit us at parsons.com and follow our quest on Facebook (https://www.facebook.com/parsonscorporation), Instagram (https://www.instagram.com/parsonscorporation/), Twitter (https://twitter.com/parsonscorp), and LinkedIn (https://www.linkedin.com/company/parsons/).

The anticipated annualized full time target compensation (median) for this position is: $100,000.00. Benefits for this position include: medical, dental, vision, paid time off, Employee Stock Ownership Plan (ESOP) and 401K.

Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+. All qualified applicants will receive consideration for employment without regard to an individual’s race, color, religion, national origin, ethnicity, union affiliation, age, sex, sexual orientation, gender identity and expression, pregnancy, employable physical or mental disability, veteran status, genetic information, immigration status, or any other basis protected by all applicable laws.
