SOC Analyst - Senior Job at ManTech, Huntsville, AL

  • ManTech
  • Huntsville, AL

Job Description

**ManTech** seeks a highly skilled and knowledgeable **Senior SOC Analyst** to support a 24x7x365 Watch Floor team and safeguard the confidentiality, integrity, and availability of an organization's information assets. This position is located on customer site in **Huntsville, AL**. There are two (2) shifts available: Morning and Afternoon/Evening, with rotation to support weekends/holidays.

As a **Senior SOC Analyst**, your duties include analyzing relevant cyber security event data and other data sources for attack indicators and potential security breaches; producing reports; assisting in coordination during incidents; and coordinating with the engineering team to ensure all security monitoring systems are on-line, up to date, and fully operational.

**Responsibilities for this position include but are not limited to:**

+ Monitoring intrusion detection and prevention systems and other security event data sources daily.
+ Determining if security events monitored should be escalated to incidents and following all applicable incident response and reporting processes and procedures.
+ Correlating data from SIEM / Splunk and Endpoint Detection and Response (EDR) systems with data from other sources such as firewall, web server, and Syslogs.
+ Tuning and filtering of events and information, creating custom views and content with the assistance of the Engineering and DevOps team.
+ Monitoring, analyzing, and responding to threats, contributing to Computer Network Defense, and creating solutions to augment Defensive Cyber Operations.
+ Leading threat hunts with other team members for potential APTs / TTPs.
+ Documenting each incident in the existing ticketing system; documenting procedures for handling each security event detected.
+ Coordinating with the DevOps and engineering team to ensure production SOC systems are operational and maintained.
+ Reviewing data with the Cyber Threat Intelligence Team, Incident Response Team and other appropriate groups to determine the risk and threat of an event.
+ Creating custom queries and developing new use cases to better correlate security event information.
+ Identifying misuse, malware, or unauthorized activity on monitored networks and infrastructure.
+ Developing and/or maintaining SOC Standard Operating Procedures (SOPs) and/or Playbooks, which define repeatable processes for activities such as analysis, reporting, and incident response.
+ Potential limited travel during transition period: travel may be required to Washington DC / Clarksburg WV.

**Minimum Qualifications:**

+ 8+ years of IT experience with 4+ years as a SOC analyst.
+ Demonstrated experience with using Splunk SIEM.
+ Experience with incident detection and response, security analysis and support for incident response and post incident analysis.
+ Demonstrated experience conducting threat hunts.
+ Experience working with Cyber Threat Intelligence and Forensic teams until incident closure.

**Preferred Qualifications:**

+ Bachelor's Degree in Computer Science or related field.
+ 3+ years' experience monitoring cloud environments.
+ Experience using Microsoft Sentinel.

Prefer 1 or more of the following certifications:

+ GIAC Continuous Monitoring Certification (GMON)
+ GIAC Certified Incident Handler (GCIH)
+ GIAC Certified Forensic Analyst (GCFA)
+ GIAC Certified Intrusion Analyst (GCIA)
+ GIAC Network Forensic Analyst (GNFA)
+ GIAC Cloud Forensics Responder (GCFR)
+ GIAC Cloud Threat Detection (GCTD)

**Clearance Requirements:**

+ Must hold an active Top Secret with the ability to obtain SCI eligibility.

**Physical Requirements:**

+ Must be able to remain in a stationary position 50%
+ Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
+ The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

ManTech International Corporation, as well as its subsidiaries, proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.

Job Tags

Holiday work, Shift work, Weekend work, Day shift, Afternoon shift
