Jacobs SOC Analyst Tier I in Columbia, Maryland
SOC Analyst Tier I
“Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting edge cyber threat awareness and cybersecurity solutions; innovative web- and software applications development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.
Our forward thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation’s most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.
Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.
We continue to thrive and need your talent and motivation to help propel us farther, faster.”
Jacobs is seeking a SOC Analyst Tier I for the Columbia, MD office. The shift will be Sunday - Wednesday, 9pm - 7am. Duties will include:
Monitor network traffic for security events and perform triage analysis to identify security incidents.
Respond to computer security incidents by collecting, analyzing, preserving digital evidence and ensure that incidents are recorded and tracked in accordance with NIST 800-61 and organizational SOC requirements.
Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
Working knowledge of one or more of the following tools is desired: Splunk, McAfee EPO, Symantec Endpoint, RSA | Security Analytics, NIKSUN, Wireshark, or other information security tools.
Conduct research on emerging security threats.
Provides correlation and trending of Program’s cyber incident activity.
Develops threat trend analysis reports and metrics.
Supports SOC analysis, handling and response activity.
Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
Author Standard Operating Procedures (SOPs) and training documentation when needed.
US Citizen – Must be able to obtain a Public Trust clearance
Associate of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus one (1) to three (3) years of directly related experience or any equivalent combination of education, experience, training and certifications.
Must have familiarity with US-CERT Federal Incident Notification Guidelines
2 years of experience in information security
Understanding of NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide
Exceptional working knowledge of TCP/IP Networking and the OSI model
Experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
Strong customer service skills and decision-making skills
Strong working knowledge of windows and Linux command-line tools, networking protocols, systems administration and security technologies
Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies
Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
Certified Information Systems Security Professional or Associate
EC Council Certified Ethical Hacker (CEH)
Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Certified Incident Handler (GCIH)
1 year experience in SOC/CIRT
SIEM experience - Splunk preferred
Essential Job Functions
General Office environment - The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.
Most work will be done at a desk or computer. Must be able to lift 20 lbs.
Equipment and Machines:
General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.
Attendance is critical at all times. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
Other Essential Functions:
Must be able to communicate effectively both verbally and in writing. Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation. Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Jacobs is a background screening, drug-free workplace.
Primary Location United States-Maryland-Columbia
Req ID: I2S0002T0