Job Details

Tier 2 CSOC Analyst

Remote Only

Contract

$40/hr - $60/hr

TG Federal is actively seeking a Tier 2 SOC Analyst to join our remote Cybersecurity team to support the federal government.

Responsibilities:

• Identification of Cybersecurity problems which may require mitigating controls

• Analyze network traffic to identify exploit or intrusion related attempts

• Recommend detection mechanisms for exploit and or intrusion related attempts

• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies

• Escalate items which require further investigation to other members of the Threat Management team

• Execute operational processes in support of response efforts to identified security incidents

• Responsible for monitoring, reviewing, and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC). Duties include performing threat detection and analysis, investigating suspicious activity, coordinating incident response efforts, and implementing remediation actions. The role also involves tuning security policies, maintaining visibility into cloud and endpoint environments, and supporting continuous improvement of the organization's security posture

• Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements

• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.

• Follows strict guidance on reporting requirements

• Keeps management informed with precise, unvarnished information about security posture and events

• Promotes standards-based workflow both internally and in coordinating with CISA

• Engages with other internal and external parties to get and share information to improve processes and security posture

• Guide team efforts

• Leads analyzing/investigating reports or anomalies

Requirements:

• Bachelor's degree (degree can be substituted for equivalent experience)

• Ability to obtain and maintain a Public Trust clearance

• Comp TIA Security+ certification

• 3+ years IT security experience

• 2+ years' experience in network traffic analysis

• Strong working knowledge of:

• TCP/IP Fundamentals

• Network Level Exploits

• Excellent oral and written communication skills

• Excellent interpersonal and organizational skills

• Strong understanding of:

• IDS/IPS technologies, trends, vendors, processes and methodologies

• Common IDS/IPS architectures and implementations

• IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection

• Azure and GCP O365/Microsoft 365 experience

• Developing Splunk queries

• Cloud monitoring experience

You will receive the following benefits:

• Medical Insurance - Four medical plans to choose from for you and your family

• Dental & Orthodontia Benefits

• Vision Benefits

• Health Savings Account (HSA)

• Health and Dependent Care Flexible Spending Accounts

• Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance

• Hospital Indemnity Insurance

• 401(k) including match with pre and post-tax options

• Paid Sick Time Leave

• Legal and Identity Protection Plans

• Pre-tax Commuter Benefit

• 529 College Saver Plan

TG Federal is an Equal Opportunity Employer. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under MRP's Employment Accommodation policy. Applicants need to make their needs known in advance.

Category:

• Security