SAIC is seeking a Senior SOC Analyst (Tier 3) to join our team providing Security Operations Services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7-security operations team. This senior analyst will be primarily accountable for the investigation and management of escalated events and incidents from Tiers 1 and 2, and collaboration with other technical support teams in the investigation, remediation and prevention of cybersecurity threats. Primary job responsibilities include:
- Manage escalations for cybersecurity events and incidents received from Tier 1 & 2 staff
- Provide detailed analysis of security events and investigations
- Coordinate and collaborate with peer technical teams for the investigation, remediation and implementation of preventative measures for cybersecurity events and incidents
- Act as forensic investigations subject matter expert
- Utilize advanced threat hunting techniques, tools, and procedures to identify risks to the environment
- Perform efficiency analysis and tuning for SIEM tools including event rules and filtering, reporting, and rule management
- Provide coaching, training, and support development of documentation for Tier 1 and 2 staff
- Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities
- Triage events and investigate to identify security incidents
- Log security incidents in the IT ticketing system
- Manage security incidents throughout their lifecycle to closure
- Receive input from threat intelligence sources and analyze events to identify threats and risks
- Provide support for routine reporting
- Support ad-hoc data and investigation requests
- Conduct security and vulnerability scans as directed using established processes
Experience, Education and Certification
- 4 years of experience as a SOC analyst including a SIEM tool; event triage and incident management
- SIEM tuning and administration
- Work in a team environment
- Bachelor’s degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, etc.) and five (5) or more years of relevant experience. Alternatively, a Master’s degree in a relevant field of study and three (3) or more years of relevant experience.
- Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management
- Cybersecurity certification (e.g. CISSP, CEH, etc.)
- Experience with SIEM tools (e.g. Splunk)
- Experience with Forensic tools (e.g. EnCase)
- Excellent oral and written communication skills
- Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors
- Experience with Microsoft Office including Word and PowerPoint
- Experience with ITIL, ITIL certification
- Experience with reporting and reporting tools
This role is temporarily remote and will require work on site in either Oak Ridge, TN or Cookeville, TN.
Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.