Intrusion Detection Analysis (IDA) Security Engine

at Applied Insight LLC in Scott Air Force Base, Illinois, United States

Job Description

About Us: Innovating to solve real-world problems
Applied Insight enhances the ability of federal government customers to preserve national security, deliver justice and serve the public with advanced technologies and quality analysis. We work closely with agencies and industry to overcome technical and cultural hurdles to innovation, empowering them with the latest end-to-end cloud infrastructure, big data and cyber capabilities. Our expertise in cross-domain and boundary solutions, network analytics, DevOps and low-to-high development is unique in our industry. We develop and deliver innovative products and applications that are deployed in highly sensitive customer environments and have broad applications for federal missions.
On joining the Applied Insight team, you'll be working to solve real-world problems on missions that matter with people who share your passions and encourage your ambition. It's vital to us that we hire committed people who are great at what they do. We return that commitment by empowering them with the autonomy, the support and the tools they need to fulfill their true potential.
A day in the life (just a few of the things you may do on any given day):
As a SOC Network Monitoring Analyst:
You will provide operational and technical Subject Matter Expertise (SME) in direct support of multiple systems where the Enterprise Security Services (ESS) team is responsible for ensuring security principles, procedures, and practices under the Risk Management Framework (RMF) are applied to solutions for the United States Transportation Command (USTRANSCOM).

You will excel in this role if you are:
We are seeking a diligent and proactive SOC Network Monitoring Analyst to join our 24/7 Security Operations Center (SOC). The ideal candidate will have a robust understanding of cybersecurity principles and hands-on experience with Splunk, Splunk Enterprise Security (ES), and Splunk User Behavior Analytics (UBA). This role requires round-the-clock monitoring of our mission-critical environment to ensure the integrity, confidentiality, and availability of our services through real-time alerting and rapid response to potential threats.
Provide continuous monitoring and analysis of network traffic and system alerts to identify and combat malicious activities in real-time.
Utilize Splunk, Splunk ES, and Splunk UBA for event correlation, data analysis, and the generation of actionable insights.
Develop and refine SOC monitoring policies, procedures, and documentation to enhance incident detection and response capabilities.
Perform security event and incident correlation using information gathered from a variety of sources within the enterprise.
Conduct initial triage and categorization of potential incidents and escalate according to established procedures.
Participate in the development and tuning of SIEM rulesets, dashboards, and reports to improve monitoring and visibility.
Collaborate with incident responders to ensure rapid resolution of security incidents.
Participate in after-action reviews and contribute to continuous improvement of security monitoring and response processes.
Stay up to date with current vulnerabilities, attacks, and countermeasures.
Perform other duties as assigned.
What we are expecting from you (i.e. the qualifications you must have):
Current Secret or TS/SCI security clearance.
Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent work experience.
Minimum of 3 years of experience in a security operations center or network operations center environment.
Active CompTIA Security+ (DoD 8570.01-M IA Level II certification) and CompTIA PenTest+ or CompTIA CySA+.
Demonstrated experience with Splunk, including dashboard creation, reporting, and alerting.
Working knowledge of Splunk ES and UBA for advanced threat detection and analytics.
Ability to work in a fast-paced, 24/7 operation, with flexibility to cover various shifts.
Ability to work independently or with a team (as needed).
Must successfully pass a background check and any additional customer background investigation requirements prior to employment.
What we are desiring from you (i.e. the nice-to-have qualifications):
Certifications in cybersecurity (e.g., CEH, CISSP, or equivalent).
Experience in a Cyber Security Service Provider (CSSP) environment.
Experience with network analysis tools and understanding of network protocols.
Familiarity with incident response and handling methodologies.
Excellent problem-solving skills and the ability to work under pressure.
Strong communication and collaboration skills.
Active security clearance or the ability to obtain one.
Experience with working on a timeline and providing weekly/monthly/quarterly updates as required.
Working knowledge of Microsoft Office products.
What we will provide in... For full info follow application link.

EEO/AA including Vets and Disabled.

Job Posting: 11836398

Posted On: Apr 17, 2024

Updated On: Apr 17, 2024