• Find preferred job with Jobstinger
  • ID
    #44719375
  • Job type
    Permanent
  • Salary
    TBD
  • Source
    DMI
  • Date
    2022-08-08
  • Deadline
    2022-10-07
 
Permanent

Vacancy expired!

About DMI

DMI (Digital Management, LLC.) is a global technology solutions company that specializes in digital strategy, design, transformation and support. Utilizing expertise from six unique DMI Groups, in the areas of AI & Analytics, Commerce, Experience, Managed Services, Transformation, and Government, DMI delivers intelligent digital transformation solutions that meet organizations where they are. Born digital, DMI has been delivering mission-critical, enterprise grade solutions since 2002 for over a hundred Fortune 1000 enterprises and all fifteen U.S. Federal Departments. DMI has grown to 2,000+ employees globally and has been continually recognized by top industry analysts as market leader as well as a Top Place to Work by the Washington Post. DMInc.com | Careers | Twitter | LinkedIn | Facebook

About the Opportunity

DMI (Digital Management, LLC.) is looking for a

Security Operations Center (SOC) Analyst with hands-on experience monitoring, detecting, and analyzing threats and cybersecurity events to identify and defend against validated intrusion events . Daily work includes monitoring network and system security events, conducting threat hunting through event data and activity logs, developing alarms for suspicious or malicious activity, escalating alerts to clients and preparing reports to summarize detected activities.

The SOC Analyst executes and helps to create operational processes for consistent monitoring of client environments and should be familiar with varieties of security tools and technologies. The SOC Analyst additionally works to support the Incident Response Team by conducting monitoring and analysis during incident management engagements.

Qualifications

Duties and Responsibilities:

  • Monitor, protect, and defend the State of Maryland (State of MD) perimeter against malicious network traffic.
  • Monitor, protect, and defend internal networks and host within the State of MD DoIT Area of Responsibility (AOR) against ongoing and emerging threats.
  • Enrich monitoring logs with contextual operation data from DoIT AOR functional areas correlate events and identify security issues, threats, and vulnerabilities
  • Conduct security event analysis and validation, triage validated incidents, perform initial containment where feasible, research incident and enrich incident case documentation, and escalate incident for further analysis, containment, and eradication.
  • Review and analyze threat intelligence information and proactively search application, system, network logs to hunt for and thwart relevant threats identified threats.
  • Prepare and perform shift handover briefing to communicate completed and pending activities, and relay situational awareness information.
  • Contribute to the development and maintenance of SOC Standard Operating Procedures (SOPs) and Concept of Operations (CONOPS) to establish and continuously improve organization operating knowledge base.
  • Participate in post-incident activities and contribute to lessons learned to improve security operations.
  • Provide support in preparation of management threat reports and briefings, and recommendations.
  • Provide sound technical recommendations that enable remediation of security issues.
  • Partner with security engineering to develop and refine SIEM correlation rules.
  • Utilize advanced threat models, SIEM use cases, and incident response playbooks specific to State of MD SOC.

R equired Skills and Qualifications:

  • Bachelor's degree from an accredited college or university with a major in computer science, information systems, engineering, business, or a related scientific or technical disciplines . Master's Degree is preferred.
  • CompTIA CySA+ certification/ or a CompTIA Security+ (or other relevant IAT Level II/III Certification) along with one of the following:
    • CEH
    • CFR
    • CCNA Cyber Ops
    • CCNA-Security
    • CySA+
    • GCIA
    • GCIH
    • GICSP
    • Cloud+
    • SCYBER
    • PenTest+
  • Experience analyzing intrusion events such phishing emails, malware, privileges misuse, traffic indicating potential malicious activities such DoS/DDoS, brute force, data loss through exfiltration/ inadvertent disclosure.
  • Applied experience of threat analysis model/frameworks such Cyber Kill Chain, MITRE ATT&CK, Diamond Model, Pyramid of Pain etc.
  • Working knowledge of advanced threat Tactics, Techniques and Procedures (TTPs).
  • Applied experience with network traffic analysis with tools like Wireshark
  • Applied experience with a variety of Opensource threat research tools/platforms such as Virus Total
  • Working knowledge of network and security architecture principles such as defense-in-depth
  • Experience with proprietary security protection/detections tools such as Firewall, Host and Network IDS/IPS, Anti-Virus, EDR, URL Filtering Gateways, Email Filtering Gateways, DLP tools, and SIEM tools such as Splunk etc.
  • Capable of working independently, establishing priorities and managing task completion within set SLAs
  • Able to communicate effectively through writing, speaking, and presenting to client technical representatives.
  • Team player capable of productively contributing to the client mission by supporting fellow teammates in a dynamic growing and changing environment.

Desired Skills and Qualifications:

  • Experience with mid-to-advance level malware analysis
  • Experience creating detailed queries and scripts, such as regular expressions, for log, event and correlation analysis.
  • Experience scripting in Python, PowerShell, VBScript

Min. Citizenship Status Required: US Citizen

Location: Crownsville, MD (on-site)

Schedule: Day/ Night Shift (you will be assigned to either shift, this is not a rotating schedule)
  • Week 1
    • Mon-Tues, Fri-Sun, 6am-6:30pm/ 6:00pm-6:30am
  • Week 2
    • Wed-Thurs, 6am-6:30pm/ 6:00pm-6:30am

Physical Requirements: N/A

Working at DMI

DMI is a diverse, prosperous and rewarding place to work. We provide our employees with competitive benefits, educational assistance, and career growth opportunities. Every employee is valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.

The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veteran/Disabled.

No Agencies Please

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

#LI-CA1

Vacancy expired!

Report job