HallieMorgan Technologies is seeking an experienced SOC network engineer/cyber analyst. The successful candidate will be responsible for monitoring and analyzing network traffic and for threat hunting.
A BS or Higher in IT, Mathematics or related field
4+ years' IT Experience
US Citizenship required
Monitor an Elastic SIEM platform and respond appropriately to any suspicious or abnormal alerts.
Perform threat hunts based on current cyber threat intelligence or recent cyber events.
Review the ingest of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts and determine their applicability to the systems environment.
Create detection content to support the automated identification of threats across the environment.
Perform daily research to identify new tools, tactics, and procedures for threat actors and malware families.
Author, update, and maintain SOPs, playbooks, and work instructions.
Prepare and report risk analysis and threat findings to appropriate stakeholders.
Must have an active TS clearance and be eligible for TS/SCI; an existing TS/SCI is preferred.
Knowledge of security information and event management (SIEM) platforms.
Direct experience working with very large datasets and log analysis tools.
Ability to characterize and analyze network traffic, identify anomalous activity and potential threats, and analyze anomalies in network traffic using metadata.
Experience in planning and conducting threat hunts.
Familiarity with Windows and Unix-based operating systems.
Knowledge of common networking protocols (HTTP, DNS, SMB, etc.).
Knowledge of the TCP/IP networking stack.
Knowledge of both IT and OT networks.
Understanding of complex Enterprise networks (routing, switching, firewalls, proxies, etc.).
Knowledge of security controls (firewalls, antivirus, Endpoint Detection and Response platforms, Intrusion Detection Systems, packet capture tooling, etc.) and how they can be leveraged to spot anomalies.
Knowledge of log analysis and how events of interest can be linked together or corroborated.
Knowledge of threat actors' tactics, techniques, and procedures.
Location: DC Metro Area
Onsite with potential occasional remote work
Job Type: Full-time
Pay: $105,000.00 - $125,000.00 per year
Join a thriving team environment that will put your skills and expertise to the test. This is a long-term opportunity with progressive responsibilities and room for growth. Company-paid education, with a customized career path that includes conferences, certifications, and multiple learning opportunities. Paid Time Off (vacation, sick, and holiday). Health insurance (medical, dental, vision, and long- and short-term disability). Employer contribution to 401k.