Security Operations Center (SOC) Tier 1 Analyst - Voice Focus
Apply For this position:
To apply for this position send a Microsoft Word copy of your resume to HR@zavda.com
Zavda was founded in 2006 and is an SDB-certified, Service-Disabled Veteran-owned, and Woman-owned small business that offers leading IT management, Intel, and Cyber opportunities in both the private and public sector. Zavda is looking for a SOC Tier 1 Analyst to join the team to be responsible for analyzing / monitoring network traffic for a global implementation of Microsoft UC (Skype for Business).
Duties and Responsibilities:
- Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs
- Prioritizing and differentiating between potential intrusion attempts and false alarms
- Creating and tracking security investigations to resolution
- Opening tickets, assigning them to the correct resolver, and validating/closing tickets related to false positives
- Providing Tier 1 investigation, triage, and mitigation of detected security events
- Composing security alert notifications and other communications
- Advising incident responders in the steps to take to investigate and resolve computer security incidents
- Staying up to date with current vulnerabilities, attacks, and countermeasures
- Responsible for working in a 24x7 Security Operations Center (SOC) environment
- Provide analysis and trending of security log data from a large number of heterogeneous security devices.
- Provide Incident Response (IR) support when analysis confirms actionable incident.
- Provide threat and vulnerability analysis as well as security advisory services
- Analyze and respond to previously undisclosed software and hardware vulnerabilities
- Investigate, document, and report on information security issues and emerging trends.
- Coordinate with Intel analysts on open source activities impacting SLTT governments.
- Integrate and share information with other analysts and other teams
- Other duties as assigned
Skills and Abilities
- Ability to use assessment tools and other security tools found in large network environments; along with ability to work with Security Information and Event Management (SIEM) solutions, including Splunk
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages
- Familiarity with and the ability to follow ITSM, ITIL, and InfoSecurity Best Practices
- Candidates must be able to work on-site at a Federal Agency located in the Vienna, VA or San Antonio, TX areas
- Authorized to work in the US without sponsorship now or in the future
- The ability to communicate security events, potential impacts, and actions taken to higher-tier resolvers and management team
Certifications and Experience
- Meet IAT II Certification requirements
- Security+ Certification is required
- 2+ years of related experience in a Security Operations Center capacity
- Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), Cyber Defense Team (CDT), or a Security Operations Center (SOC)
- Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability management and Federal/Military security protocols
- Experience with Log Event Monitoring solutions is strongly desired but not required
Vienna, VA, Purcellville, VA and San Antonio, TX
Zavda is a small business and an equal opportunity employer - Veteran/Female/Minorities/Individuals with Disabilities. With Zavda you have the opportunity to provide dependable solutions and support that will benefit the national security missions. Zavda prides itself on providing continual professional growth and success for the Zavda Team.