Deloitte - Huntsville, AL

posted 5 months ago

Full-time - Entry Level
Huntsville, AL
10,001+ employees
Professional, Scientific, and Technical Services

About the position

As a SOC (Security Operations Center) Analyst at Deloitte's Government and Public Services Cyber Practice, you will play a crucial role in enhancing the cyber security posture of our clients. This position is designed for individuals looking to elevate their cyber career and technical skills while contributing to a culture of cyber awareness and resilience. You will be part of a dynamic team that advises, implements, and manages solutions across various domains including Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Your work will involve analyzing technical solutions to identify and evaluate security gaps in industrial control systems (ICS) and Operational Technology (OT). In this role, you will assist in the implementation of projects from initiation to completion, working closely with the SOC Requirements Lead and SOC Manager. You will also be involved in building the SOC and providing analyst support once it is operational. Collaboration with other teams, including OT Subject Matter Experts (SMEs), Infrastructure Team, and Analytics Team, will be essential to determine effective monitoring solutions and performance thresholds. You will respond to OT/ICS security incidents, collecting and analyzing data to ensure incidents are managed according to established playbooks and standard operating procedures. Your responsibilities will also include actively monitoring multiple data points and SIEM to identify potential security issues, creating and maintaining metric reporting for senior management, and participating in the continuous improvement of security operations through updates to standard operating procedures and playbooks. This position offers a unique opportunity to work with cutting-edge cyber security tools and to grow both vertically and horizontally within the organization.

Responsibilities

  • Analyze technical solutions to help clients identify and evaluate security gaps in industrial control systems (ICS) and Operational Technology (OT).
  • Assist in the implementation of projects from initiation to completion alongside the SOC Requirements Lead and SOC Manager.
  • Assist in building the SOC and later provide analyst support once stood up.
  • Work closely with other workstreams to determine monitoring solutions, performance thresholds, and visualization capabilities.
  • Respond to OT/ICS security incidents and escalations by collecting and analyzing data, while gathering digital evidence.
  • Actively monitor multiple data points and SIEM to identify potential security issues for remediation and triage activities.
  • Participate in creating and providing updates to standard operating procedures, playbooks, and other documentation for continuous improvement.
  • Lead and generate end of shift reports/after action reports for documentation and knowledge transfer.
  • Create and maintain metric reporting (KPIs/KRIs) for senior management.
  • Review closed cases, open cases, and threat intelligence to make recommendations for preventative controls.

Requirements

  • Bachelor's degree and 2+ years of relevant experience.
  • Active Secret Security Clearance required.
  • Must be legally authorized to work in the United States without the need for employer sponsorship.
  • Must meet 8570 requirements for the position category or specialty and level (e.g., CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+).
  • Advanced knowledge of incident response, vulnerability management, analytics, reconnaissance, and security intelligence, plus automation/scripting experience.
  • Familiarity with malware and attack techniques.
  • Understanding of Information Technology vs Operational Technology security challenges.
  • Interest in or working knowledge of Operational Technology/Industrial Control Systems (OT/ICS).
  • Experience with workflow management, analytic capabilities, Security Information Event Management (SIEM), SOC disciplines, and vulnerability tools (Splunk, ServiceNow, VirusTotal, RiskIQ).
  • Ability to recognize potential, successful, and unsuccessful data exfiltration or intrusion attempts.

Nice-to-haves

  • Experience in standing up a SOC and building out procedures for SOC day to day work.
  • Advanced knowledge of network traffic monitoring for security events to perform triage analysis and identify security incidents.
  • Excellent communication and writing skills, attention to detail, and the ability to work both as an individual contributor and within a team.
  • Ability to handle multiple competing priorities in a fast-paced and high-pressure environment.
  • Experience in mentorship, training, and guiding junior members of a SOC team.

Benefits

  • Broad range of benefits including health insurance, professional development opportunities, and a diverse and inclusive culture.