SAIC is seeking a SOC Analyst (Tier 2) to join our team providing Security Operations Services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7 security operations team. This is an experienced, mid-level role. Primary job responsibilities include:
- Manage escalations for cybersecurity events and incidents received from Tier 1 staff
- Provide detailed analysis of security events and investigations
- Provide coaching, training, and support development of documentation for Tier 1 staff
- Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities
- Triage events and investigate to identify security incidents
- Log security incidents in the IT ticketing system
- Support forensic acquisition and analysis of evidentiary data
- Utilize advanced threat hunting techniques, tools, and procedures to identify risks to the environment
- Manage security incidents throughout their lifecycle to closure
- Coordinate with other, remote technical teams to investigate, document, and resolve issues
- Make recommendations for ongoing tuning and updates to the SIEM system
- Receive input from threat intelligence sources and analyze events to identify threats and risks
- Provide support for routine reporting
- Support ad-hoc data and investigation requests
- Conduct security and vulnerability scans as directed using established processes
Qualifications:
- 2 years of experience as a SOC analyst, including use of a SIEM tool, event triage, and incident management
- Bachelor’s degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, etc.) and five (5) or more years of relevant experience. Alternatively, a Master’s degree in a relevant field of study and three (3) or more years of relevant experience.
- Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management
- Excellent oral and written communication skills
- Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors
- Experience with Microsoft Office including Word and PowerPoint
- Cybersecurity certification (e.g. CompTIA Security+, CISSP, C|EH, etc.)
- Experience with ITIL, ITIL certification
- Experience with SIEM tools (e.g. Splunk)
- Experience with Forensic tools (e.g. EnCase)
- Experience with reporting and reporting tools
Target salary range: $75,001 - $85,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.