Northramp is looking for smart, creative individuals interested in helping grow something truly unique in our markets.

 

As a Tier 1 SOC Analyst you and the team will be responsible for manning a 24x7x365 coordination center and responding to alerts, notification, communications and providing incident response activities such as tracking the incident, communication with stakeholders, remediation and recovery actions and reporting.  Ensure reports are properly entered into the incident tracking system. Expected to have basic knowledge of cybersecurity incidents, anomaly analysis, log analysis, digital forensics, common threat vectors and be able to comprehend reports and determine what additional action and response activities may be required to resolve an incident. The ideal candidate must have an understanding of Splunk SIEM and supporting forensic tools.  

 

We are currently looking for a Tier 1 SOC Analyst who will:

 

  • Perform incident response analysis uncovering attack vectors involving a variety, malware, data exposure, and phishing and social engineering methods.  
  • Participate in the remediation of incidents and responses that are generated from live threats against the enterprise. 
  • Recording and reporting all incidents per Federal policy, department policy and legislation.
  • Creating and tracking network incidents and investigations through completion
  • Serve as a point person for Incident Management; providing coordination and assignment of activity for all entities party to incident response event
  • Monitor security events received through alerts from SIEM or other security tools
  • Revise alerts escalated by end users
  • Maintain assigned ticket queue
  • Supports/develops reports during and after incidents, which include all actions taken to properly mitigate, recover and return operations to normal operations
  • Support forensic investigators and application security analysts in reactive and proactive Threat Hunting engagements, performing endpoint, network, and log analysis
  • 3+ years of relevant work experience
  • US Citizenship and must be able to pass background investigation
  • Demonstrate proficiency in the Incident Response Process.
  • IDS monitoring and analysis, analyze network traffic, log analysis, prioritize and differentiate between potential intrusion attempts and false alarms
  • Good understanding of system log information and what it means, where to collect specific data/attributes as necessitated per Incident Event (host, network, cloud, etc)
  • Understanding of enterprise networking (host-based firewalls, anti-malware, hids, IDS/IPS, proxy, WAF), Windows and Unix/Linux systems’ operations, TCP / IP protocols, experience providing analysis and trending of security log data
  • Experience creating and tracking investigations to resolution
  • Experience with vulnerability scanning tools such as Tenable Nessus, Tenable.IO, Tenable.SC, QualysGuard, etc
  • Experience with Endpoint security solutions, but not limited to FireEye Solutions, Antivirus Solutions, EDR Tools
  • Advisory experience in compliance or regulatory frameworks (I.e. FISMA, PCI, GDPR, NIST, ISO)
  • Solid understanding of application, database, authentication, and network security principles; able to demonstrate how network services and protocols interact to provide communications, evidence recovery techniques, log data analytics, Incident categories, IR event handling methodologies, intrusion detection systems, network protocol and packet analysis
  • Understanding of system and application security, systems and network administration and operating system hardening techniques
  • General cyber-attack stages, profiling techniques and techniques for detecting host and network-based intrusions
  • Knowledge of evidence recovery techniques, preservation of evidence integrity, and collection of forensically sound collection of images, logs, and other critical components to discern possible mitigation/remediation of systems
  • Understanding of Computer Network Defense (CND) policies, procedures, and regulations
  • Excellent organizational, verbal, presentation/facilitation, and written communication skills
  • Experience composing security alert notifications
  • Ability to concisely communicate events of a technical nature incident responders to assist in the investigation and resolve computer security incidents
  • Very strong spoken and written communication and organizational skills

This role is contingent upon funding.



Clearance

 

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.


Federal COVID-19 Vaccine Mandate

Based on the federal COVID-19 vaccine mandate posted on covered contractors, candidates must have received or be willing to receive the COVID-19 vaccination to be considered. Proof of vaccination is required. Medical and/or religious exemption requests will be considered. We will make a determination on your request for reasonable accommodation on a case-by-case basis.

About Northramp

 

At Northramp, our passion, our true north, is to help our clients cut through the fog and obtain technical and operational clarity to help them make the most significant impact possible.  Focused like a laser on driving value for our clients, Northramp specializes in helping public and private sector clients streamline their IT operations, improve their technical services, and drive greater returns from IT investments.

 

If you are curious in learning more about Northramp, please visit our website at https://www.northramp.com.

 

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

 

Reasonable Accommodation Requests

Northramp is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. If you need special assistance or an accommodation while seeking employment, please e-mail PeopleOPS@northramp.com or call: 703-772-5588 - Northramp Human Resources. We will make a determination on your request for reasonable accommodation on a case-by-case basis.

 

EEO is the Law

The law requires Northramp to post a notice describing the Federal laws prohibiting job discrimination. For information regarding your legal rights and protections, please click on the following link: EEO is the Law and EEO is the Law Supplement.

 

Pay Transparency Non-Discrimination

Northramp will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. Please see the Pay Transparency Nondiscrimination Provision for more information.

 

E-Verify

As a Federal Contractor, Northramp is required to participate in the E-Verify Program to confirm eligibility to work in the United States. For information please click on the following link: E-Verify.

This position has been filled.