Junior Cyber Operations Analyst - Falconwood Inc.
Washington, DC
About the Job
We have an immediate opening for a senior Cyber Security Operations Center (SOC) Analyst to support the Navy Enterprise Business Solutions program office. The SOC Analyst will use Splunk Enterprise Security in a large enterprise environment, write Splunk scripts for event filtering and analysis, and work with operating system administrators in support of alert/incident response for a major SAP/ERP system.
- Will use Splunk Enterprise Security in a large enterprise environment and write Splunk scripts for event filtering and analysis
- Work with operating system administrators in support of Alert/Incident response
- Identify communications paths as they relate to alert/incident investigations
- Understand TCP/IP (IPv4, IPv6) along with related protocols and technologies (HTTP, FTP, SSH, NFS, DNS, NTP, DHCP, SMTP, SSL, etc.)
- Requires understanding of routing protocols, proxies, and firewalls
- Will maintain documentation of processes, procedures and configurations related to maintaining applications
- Requires knowledge of forensics, network analysis, log analysis, systems hardening, encryption technologies, certificates, mobile, and web application security
- Assist in proactively developing security best-practice procedures and processes within the security operations team
- Will write situational analyses for high-risk threats and suggest appropriate courses of action for remediation
- Will document all activities during an incident/investigation and provide leadership with status updates during the life cycle of the incident/investigation
- Requires theoretical knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
Source: Falconwood Inc.