SOC Analyst

Location: 
Rockville, MD

CyberData Technologies, Inc., an established technology solution provider based in Herndon, Virginia, is looking to expand its growing team. We are an industry leader in data warehousing and business intelligence for both government and commercial clients. Our employees are our greatest asset and we are committed to their professional development and growth. We provide competitive salaries, bonuses, generous benefit packages, and paid time off to balance work and personal commitments.

Job Location: Rockville, MD

Job Description:

The successful candidate must have great written and verbal communication skills. The functions that will be performed include:

  • Work in Continuous Monitoring Support and Security Operation Center.  Candidate will wear multiple hats within the SOC, from working with the vulnerability management team to working with the incident response team.
  • Plan and conduct vulnerability scanning programs (WebInspect Enterprise, HP Fortify Static Code Analyzer, Tenable, Burp Suite, NetSparker, CodeDX)
  • ·Participate in the vulnerability management program.  Experience with OWASP top 10.

 

Qualifications (include but not limited to):

  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science or related field
  • Thorough experience with vulnerability management tools such as HP Fortify Vulnerability Scanning Suite, Tenable, Netsparker, and HP Static Code Analyzer.  Experience analyzing vulnerability results and providing remediation recommendations to customers is a plus!
  • Experience with IDS/IPS technologies such as SourceFire and Palo Alto Firewalls.  Candidate should be familiar with rulesets, monitor IDS/IPS events, and monitor IDS/IPS functional operational status.  Experience analyzing and modifying SNORT rules is preferred.
  • Experience with FireEye technologies, such as NX, HX, AX.
  • Experience with troubleshooting in an Active Directory environment.  A solid understanding of Windows 2008/2012 Server, Windows 7, the Microsoft registry, remote administration, and other MS products.  IPv6 experience a plus.
  • Experience in every facet of the Enterprise Incident Response Cycle: Preparation, Detection & Analysis, Containment and Recovery, Post Incident Analysis.
  • Solid experience with TCP/IP protocols and ports.  Preferably firewall and ACL experience.
  • SOC analysis and SIEM experience with Splunk. Candidate should be able to write basic Splunk queries, create dashboards and reports, and be familiar with Splunk Enterprise Security (ES).  Candidates with Splunk certifications are preferred (i.e. Power User, Developer, etc.)
  • Experience with sniffers, packet capture and netflow tools including Wireshark (required) and NetWitness (preferred).  Candidate should be able to efficiently gather and analyze data with these tools to detect potential IT security incidents, identify indicators of compromise, and troubleshoot network events.
  • Experience in Information Security and with the use of security devices.
  • One of the following certifications desired: Certified Information Security Professionals (CISSP), GIAC Certified Penetration Tester (GPEN), or GIAC Certified Web Application Penetration Tester (GWAPT)
  • Ability to obtain a Public Trust clearance

 

Please submit your resume in Word format with salary requirement to career@cyberdatainc.com.

Principals only: NO 3rd PARTY, no employment agencies. No telephone calls please.

CyberData is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

CyberData Technologies, Inc.

career@cyberdatainc.com