Saliense

Network Security Operations Center (NSOC) Analyst

Arlington, VA, US

$100

Summary

Who is Saliense?

Saliense is a growing Management and Technology Consulting Solutions provider based out of McLean, VA. We work to solve our clients’ toughest challenges within the Defense, Civilian, Financial, and Healthcare industries. Our diverse employees support vital missions for government and commercial customers. For more information, visit www.saliense.com.

Why Saliense?

In addition to providing a fun, energetic environment that promotes innovation and personal growth, we offer excellent compensation packages with plenty of opportunities for advancement. We pay 100% of the premiums for employee Healthcare, including medical, dental, and vision. We offer a 401K match, and all company contributions are 100% vested immediately. Since we believe in work-life balance so much, we offer 20 days of paid leave per year. Use it as you need it or use it all at once and go travel for a month! We are proud to offer parental leave.

There are many more - connect with us to get a preview of the full benefits package.

This role is 5 days per week onsite in Arlington, VA.

Position Description:

Saliense is now hiring a Network Security Operations Center (NSOC) Analyst to join our team in support of the Office of Naval Research (ONR) in Arlington, VA. Candidates must possess an active Secret Clearance and meet DoD IAWF IAT Level II qualifications to be considered. This is a 100% onsite contract in Arlington, VA.

The NSOC Analyst will assist the ONR in maturing the Network Security Operations Center (NSOC). The Analyst will directly support the NSOC Team working in collaboration with the Information Assurance (IA)/Cybersecurity/Computer Network Defense (CND) Team to perform security information and event management (SIEM) tasks and other network operations support tasks.

Duties & Responsibilities:

  • Analyzes information security requirements, translates requirements into security designs, implements security designs, and tests effectiveness.
  • Provides Threat Reconnaissance for ISSM and Operations using all available tools and information.
  • Possesses and employs working knowledge of standard information security products including Security Information Event Management Tools, Access Control Lists, intrusion detection systems (IDS), Endpoint Security, vulnerability testing and security analysis tools.
  • Demonstrates competence in all phases of security requirements analysis and information security system design as well as available products and management practices.
  • Understands U.S. Government security policy including DoD and appropriate civil agencies such as NIST, as well as commercial best practices.
  • Conducts system integration of Uses the Trellix product suite to evaluate and act on events.
  • Operates, understands, and provides Cyber Analyst reports from the Trellix ESM/SIEM tool, Trellix ePO/HBSS tool, Splunk, MDE, SolarWinds and understands Cyber Security Products such as Tenable/ACAS - Nessus scanner.
  • Assists in the development and tuning of automated response playbooks using SOAR platforms and coordinates with solution providers and vendors as needed.
  • Investigates and initiates Incident Response and Incident Handling procedures for SIEM events; maintains and continuously improves the NSOC Incident Response Plan.
  • Generates, monitors, and tracks incidents generated by the SIEM suite through resolution.
  • Ingests and correlates threat intelligence feeds (e.g., IOCs, MITRE ATT&CK, ISACs) with SIEM data to proactively identify and respond to evolving threats.
  • Assists IA by validating enclave and subsystems and providing proper logging, log retention, and accurate audit trails per NIST requirements.
  • Provides continual assessment of network device configuration and compliance, ensuring rogue devices are located and removed from the system as soon as possible.
  • Reviews and provides guidance on the proper implementation of DISA Security Technical Implementation Guide (STIG) requirements to Operations team.
  • Serves as Cyber Security technical liaison between Network Security, Network Operations team, and IA team concerning implementation of newer technologies to ONR infrastructure.
  • Ingests and correlates threat intelligence feeds (e.g., MITRE ATT&CK, ISACs, DHS feeds) with SIEM data to proactively identify evolving threats.
  • Leads and mentors junior NSOC analysts to ensure knowledge transfer, standard operating procedure adherence, and ongoing team development.
  • Develops and presents security metrics, trend analysis, and executive briefings to senior leadership regarding ONR’s threat posture and NSOC performance.
  • Reviews, implements, and continuously enhances technical security measures and controls based on evolving risk and operational needs.
  • Develops, reviews, and updates NSOC operational policies and incident response processes to align with ONR mission requirements and evolving cybersecurity standards.


Requirements:

  • Bachelor’s degree
  • 5+ years of experience related to Cyber Analysis and Security
  • Experience and familiarity with Trellix Suite and/or SIEM tools/technology, ServiceNow ticketing system, Splunk, Azure Boards and ITSM Framework
  • Experience with End Point Detection and Response (EDR) tools such as Microsoft Defender for Endpoint (MDE)
  • IAT Level II certification (Security+ CE or equivalent) AND Operating System (OS)/Computing Environment (CE) certification
  • Active Secret Clearance or interim Secret Clearance
