0 suggestions are available, use up and down arrow to navigate them
What job do you want?

Senior Security Operations Center (SOC) Technical / Strategic / Analyst job in Washington at Trellix

Create Job Alert.

Get similar jobs sent to your email

List of Jobs

Apply to this job.
Think you're the perfect candidate?
Senior Security Operations Center (SOC) Technical / Strategic / Analyst at Trellix

Senior Security Operations Center (SOC) Technical / Strategic / Analyst

Trellix Washington, DC Full-Time
**_Job Title:_**

Senior Security Operations Center (SOC) Technical / Strategic / Analyst

**_Role Overview:_**

The Senior Security Operations Center (SOC) Analyst position performs in a Senior Level Threat Hunter/Researcher role from an automation perspective. The Analyst will use advanced network and host-based tools to search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions. This role could role into a technical lead for elevated threat management and security solutions identified by or reported to the SOC. Will develop and support the development and advancement of automation and integration technologies. You are capable of clear communications to varying audiences across the organization, in addition to looking for and building agreement where needed to achieve a strengthened security posture.

**About You:**

+ Look for and research potential malicious activity and incidents across multiple platforms using advanced threat network and host-based/open-source tools

+ Use threat intelligence to build indicators of compromise into monitoring tools, be able to integrate these tools with one another to provide data enrichment

+ Use TCP/IP networking skills to perform network analysis to isolate and diagnose potential threats and anomalous network behavior

+ Automate networking tasks and analysis tasks

+ Document code and automation efforts in an understandable manner for a non-programmer

+ Report common and repeated problems (trend analysis) to management and propose/improve process and technical improvements

+ Provide resolution plans for system and network issues

+ Provide support in the detection, response, mitigation and reporting of real or potential cyber threats to the environment and be able to help automate these processes

+ Maintain and employ a understanding of advanced threats, vulnerability assessment, response and mitigation strategies used in cybersecurity operations

+ Provide written and verbal reports and updates to customers/teams

+ Leadership role in providing ongoing knowledge transfer to junior analysts

+ Develop up to date Run-Books and Standard Operation Procedures to maintain relevancy, address current/latest threats and technology, and ensure constant improvement that meet industry standards and latest attacks and threats

+ Support major projects, including new plans, capacity, life-cycle management, new products and features, and integration

+ Develop process and architecture diagrams

+ Resolve complex networking and other technology issues with multiple parties involved

**About You:**

+ Six (6+) years of experience as a **Level 3** SOC Analyst performing incident handling, sensor alert tracking, and cybersecurity case management

+ You will have experience programming in at least one of the following: Python, Powershell, Bash, Shell Script, Batch, VBscript (Python experience preferable)

+ You will have cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management, endpoint protection, database security and log collection and analysis understanding

+ Working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)

+ Experience with cybersecurity tools, including McAfee SIEM/ePO/VSE/ENS/ FireEye NX, Splunk, Quest, ServiceNow, Oracle.

+ Network Traffic Analysis, Malware analysis, Raw Packet Captures, database technologies, web applications technologies, firewall technologies, etc.

+ Experience with cybersecurity forensics tools and methodologies (Disk, file and memory acquisition)

+ Experience in Tabletop exercises

+ Extensive experience with network ports and protocols


+ Lead and direct security incident response

+ Involvement in threat intelligence and cybersecurity communities

**Additional Skills:**

+ Manage teams and shifts of analysts

+ Experience providing training/instruction to junior IT personnel and C-level management

+ Willingness to work overtime and adjust to reasonable demands from customer

+ Experience managing Run-Books and Standard Operation Procedures in a SOC environment

+ Troubleshoot and reasoning ability

+ Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management

+ Team player

**_Company Benefits and Perks:_**

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

+ Pension and Retirement Plans

+ Medical, Dental and Vision Coverage

+ Paid Time Off

+ Paid Parental Leave

+ Support for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Recommended Skills

  • Active Directory Group
  • Application Layers
  • Architecture
  • Automation
  • Bash (Scripting Language)
  • Case Management
Apply to this job.
Think you're the perfect candidate?

Help us improve CareerBuilder by providing feedback about this job:

Job ID: 2318006724

CareerBuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.