Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
The DHS SOC Support Service Contract has a need for a Tier 1 Cyber Threat Analyst. This is a full time funded position based in Washington DC. This position does not have Telecommuting Options.
The ideal candidate will have a basic understanding of cyber threats, information security, and monitoring and detection. The candidate must be familiar with TCP/IP ports and protocols, intrusion detection systems, and netflow analysis.
Duties and Responsibilities:
Perform network security monitoring and detection. Proactively searching for threats. Inspect traffic for anomalies and new malware patterns. Investigate and analyze logs. Provide analysis and response to alerts, and document activity in SOC investigations and Security Event Notifications (SENs).
EDUCATION & EXPERIENCE:
Requires BS degree and 2 - 4 years of relevant experience or Masters with less than 2 years of relevant experience. Additional related experience and certifications may .be considered in lieu of a degree.
Minimum of a current Secret Clearance with the ability to obtain TS/SCI
In addition to specific clearance requirements all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
Between 1-3 years of Cyber Threat Analysis
Security+ Certification or equivalent in industry certification, background and knowledge.
Knowledge of TCP/UDP/IP networking, familiarity with packet analysis tools such as WireShark, and a general understanding of networking protocols similar to COMPTIA Network+