SOC Analyst - Secret Clearance Required

About Coalfire

Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  

We’re currently seeking an experienced SOC Analyst to support our team in Crystal City (Arlington, VA).

Location Details

This is a full time on site position with our Coalfire Federal team supporting a government customer. Open to local candidates in the DMV only. 

What you'll do

• Monitors and analyzes for potential threat activity.
• Provides real-time alerting and monitoring by capturing, indexing, and correlating data in a searchable repository to generate graphs, reports, alerts and visualizations. Provides metrics, diagnoses security problems.
• Provides engineering support, operations, and maintenance of security tools.
• Utilizes Security, Information, and Event Monitoring (SIEM) tools to identify security events and incidents to evaluate the effectiveness of current security measures.
• Maintains Tenable Security Center administrator responsibilities, routine maintenance of the front end including but not limited to user accounts, scan polices, and reports.
• Conducts daily and ad-hoc vulnerability scanning on networks and systems.
• Prepares reports of metrics for vulnerability management that is briefed to senior leadership to convey network security status.
• Participates and contributes to weekly meetings with O&M team to discuss vulnerability patch management status.
• Tracks, maintains, and verifies findings. Promote timely remediation before due date and/or work with stakeholders on extension request.
• Conducts DISA STIG baseline configuration scanning of hardware and network devices and manually reviews CAT I and CAT II items that cannot be checked via automated scan.
• Monitors incoming events and maintain Audit Log Management using Splunk Tool.
• Validates hardware and software inventory for a portfolio of systems.
• Uses advanced analytic tools to determine presence of emerging threat patterns and vulnerabilities.
• Utilizes in-depth operational and technical knowledge of security concepts to provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
• Provides technical evaluations of customer systems and assists with making security improvements.
• Conducts product evaluations, and recommends products, technologies and upgrades to improve the customer’s security posture.
• Conducts testing and audit log reviews.

What you'll bring

In addition to the duties listed above, utilizes the following cyber tools or equivalents:• Splunk Enterprise Security• Q-Audit ICS-500-27 Splunk application• Tenable Nessus Security Center• Cylance• Extrahop• Burp Suite

Education 

Completed Bachelor’s degree from an accredited university, preferably in an IT related field, or significant equivalent experience.

Clearance / Suitability 

An active Secret or Top Secret clearance is required.

Certifications One or more of the following: CISSP, or CISA, or CISM, or Security+, CAP

Years of Experience 

• • At least five (5) years of information technology, cybersecurity experience for a consulting organization, including skills and responsibilities relative to the SOC role

Bonus Points

• Previous DOJ experience
• Military experience

Why you'll want to join us

Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.

Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.

You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.  

Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.