SOC Incident Response Analyst MID
Fulton County, GA
Business Group Highlights
The Health group provides solutions to help government healthcare agencies lower administrative costs, reduce fraud and abuse, and improve the quality of services for individuals. We also provide analytics that combine clinical knowledge with big data technology and techniques to transform petabytes of data into meaningful solutions for our customers.
The SOC Incident Response Analyst must be competent to work at a high technical level and be capable of identifying threats, and threat vectors that cause security events. Performs network security monitoring and incident response for client
Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
Creates, modifies, and updates Security Information Event Management (SIEM) rules.
Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
Evaluates/deconstructs malware (e.g. obfuscated code) through open-source and vendor provided tools.
Communicates alerts to client regarding intrusions and compromises to their network infrastructure, applications and operating systems.
Prepares briefings and reports of analysis methodology and results.
Creates and maintains standard operating procedures and other similar documentation.
Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary and open source resources to provide indication and warnings of impending attacks against networks.
Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
Monitors critical network elements and applications using various network monitoring systems in a 7X24X365 Network Operations Center (NOC). Troubleshoots, repairs and maintains telecommunications networks in a NOC environment. Tests new and already installed hardware and software. Uses computerized network management systems to check for system alarms when parts of the network are not working properly and jeopardizing the level of communication services available to customers. Follows procedures to validate, troubleshoot and escalate issues. May work second and third shift work and overtime in the event of network outages.
Requires High School level plus some advanced training. 4-5 years of experience.
Experience actively monitoring networks for intrusions and Incident handling using Splunk
Fundamental understanding of networking (TCP/IP)
Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment, as well as may be expected to work holidays.
Excellent analytical and problem solving skills
What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sectorfrom investigative services and IT strategy to systems work and next-generation engineering.
Our promise is simple: never stop solving our nations most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to just that, as a partner of choice across the entire sector.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories.
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed
As a government contractor, Perspecta abides by the following provision
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)