Client: Definitive Innovative Solutions
Role: SOC Analyst
Location: Arlington, VA (5 days onsite, 2nd shift 2 pm – 10 pm)
Duration: Contract to Hire
Citizenship: US Citizen with active Top Secret clearance
Pay Rate: $65 an hour and 135k (some flex)
Top skills
Candidates need an active TS and must be willing/eligible to upgrade to a TS/SCI.
Fully on site at DARPA HQ in Arlington (675 N Randolph Street, Arlington, VA 22203).
Must have a DoD 8140 certification (A+, Network+, Security+, CEH, CISSP, etc.) or higher.
Looking for 2-3 years of Tier 2 support and 3-5+ years of overall experience.
They ideally want someone with a Bachelor's degree but are willing to be flexible if the candidate has more experience.
Really needs someone who understands incident response, the MITRE ATT&CK framework, Splunk, PCAP, log review, and the various alerts and how to respond to them.
Client Original Job Description
SOC Analyst - Tier 2
Overview
To be successful in this position you need to be collaborative and able to lead the technical mission on your shift. You need to be a self-starter, completing your tasks on your own while conducting quality assurance on the tasks of others on shift. Working together is critical in this role. You will be interfacing with the Government and senior staff; therefore, you should be able to articulate complex, technical concepts in plain business language, both verbally and in writing.
Summary
The position entails working in a Network Operations and Security Center (NOSC) where the team is responsible for monitoring security and health alerts for systems on 14 different networks. The ideal candidate for this position will lead the security mission in the NOSC by providing training to junior analysts, reviewing reports written by the junior analysts, tuning tools for anomaly detection, and writing reports, presentations, and executive summaries.
Work Schedule
This position works 8-hour shifts on business days, with occasional on-call support for weekends as needed (frequency and expectations to be discussed during the interview process).
Key Responsibilities
Analyze and investigate escalated alerts from Tier 1 analysts using tools such as SIEM, EDR, IDS/IPS, and network monitoring solutions.
Perform advanced log analysis, PCAP review, and endpoint investigations to determine the nature and scope of threats.
Lead incident response activities for escalated events, collaborating with Tier 3 analysts for complex or high-severity incidents.
Prepare detailed incident reports and deliver briefings to internal stakeholders, including senior leadership.
Collaborate with Tier 3 analysts, system administrators, and other IT teams to implement mitigation strategies.
Mentor and provide technical guidance to Tier 1 NSOC analysts, including training on incident handling and response procedures.
Assist in tuning detection tools and developing use cases for anomalous activity detection.
Develop, update, and maintain comprehensive documentation, ensuring accuracy and alignment with current protocols and best practices.
Required Qualifications
Leadership:
· 2+ years' experience mentoring or providing technical guidance to junior NSOC analysts, or leading incident response efforts.
Education:
· Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
Experience:
· 3-6 years of experience in a SOC or cybersecurity operations role, with proven experience investigating and responding to security incidents.
Technical Skills:
· Proficiency with SIEM platforms (e.g., Splunk) and endpoint detection tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender).
· Strong understanding of network protocols, packet analysis, and tools like Wireshark or Zeek.
· Experience with IDS/IPS/NDR/EDR tools (e.g., Snort, Suricata, Bricata).
· Ability to analyze logs, correlate data, and detect adversary tactics, techniques, and procedures (TTPs).
· Familiarity with threat intelligence frameworks such as MITRE ATT&CK, Cyber Kill Chain, and IOC analysis.
· Basic scripting or automation skills (e.g., Python, PowerShell, Bash) to enhance workflows.
Locations: Position open to locals only
Industry: Information Technology
Status: Open
Job Age: 3 days
Created Date: 05/02/2025
No. of Positions: 1
Duration: 12
Zip Code: