SOC Engineer

Job Locations US-DC-Washington | US-TX-Fort Worth | US-MO-Kansas City | US-Remote / Telework
Job ID 2022-4203
Type
Regular Full-Time

Position Description

Valiant Solutions is seeking a SOC Engineer  to join our growing and innovative team supporting a large federal client. 

 

Candidates will join a fast-paced and creative team of incident response engineers, penetration testers, SOC operations and forensic analysts focusing on the identification, interrogation, exploitation, and reporting of incidents for the enterprise. The security event and alert analysis will be end-to-end including the network, underlying servers and infrastructure (physical and virtual) as well as the application.  The successful candidate must have a strong understanding of SIEM and supporting forensic tools.  Valiant Solutions has been named one of the Best Places to Work in the DC area EIGHT years in a row!  

 

This position allows for 100% remote work. Remote work necessitates a high-level trust in our employees and we strictly adhere to the details found below in our Remote Work Policy. 

 

Required Skills:

  • 6-8 Years of Security Engineer experience, including at least 3 years of SOC / Incident Response experience 
  • Strong understanding and demonstrated experience and proficiency in event and alert analysis focused on alert tuning and resolution of false positives; ensuring only valid events and alerts reach the SIEM (from tools such as Carbon Black, FireEye, Palo Alto, Cylance, Antivirus Solutions, EDR Tools and OSSEC)
  • Demonstrated experience analyzing underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools
  • Demonstrated development proficiencies with an enterprise SIEM or security analytics solution such as Kibana (ELK), Splunk, or LogRythm.
  • Scripting experience with PowerShell, bash, Perl, Python, or Ruby applied to automation of SOC and log analysis activities in support of SOC operations
  • Strong understanding of enterprise networking and TCP/IP protocols (host based firewalls, anti-malware, HIDS, IDS/IPS, proxy, WAF), Windows and Unix/Linux systems’ operations, TCP / IP protocols, experience providing analysis and trending of security log data
  • Advanced experience providing analysis and trending of security log data from a large number of heterogeneous security devices
  • Solid understanding of application, database, authentication, and network security principles; able to demonstrate: how network services and protocols interact to provide communications, evidence recovery techniques, log data analytics, Incident categories, IR event handling methodologies, intrusion detection systems, network protocol and packet analysis
  • General cyber-attack stages, profiling techniques and techniques for detecting host and network-based intrusions
  • Demonstrate proficiency in the Incident Response Process as well as the performance of threat hunting and SOC operations. Experience in incident detection and response, malware analysis, or cyber forensics
  • Advisory experience in compliance or regulatory frameworks (I.e. FISMA, PCI, GDPR, NIST, ISO)
  • Understanding of system and application security, systems and network administration and operating system hardening techniques
  • Experience with vulnerability scanning tools such as Tenable Nessus, Tenable.IO, Tenable.SC, QualysGuard, etc
  • Experience and solid understanding of Malware analysis
  • Demonstrated experience and understanding of event timeline analysis and APT 
  • Demonstrated proficiencies with application security testing including Chrome extensions

 

Position Description:

 

Candidates will be required to demonstrate proficiency in the Incident Response Process as well as the performance of threat hunting and SOC operations.  Interview will also focus on conceptual and procedural methodologies used to evaluate logical, physical and technical systems compromise. Candidates' understanding of malware analysis, advanced persistent threat, infection vectors and defense strategies will be heavily focused on during the screening process. Additional emphasis will be placed on the candidate’s ability to articulate skills gained from experiences participating in incident response, malware analysis, SOC operations and Threat Hunting. Successful candidates will have a proven track record of designing and advancing endpoint security implementations for medium to large enterprise networks.  This means you will be able to demonstrate experience advancing an individual tool, which could include cross-tool integration, security tool and process automation or specific policy fine-tuning.

 

Responsibilities:

  • Perform alert and SOC data analysis, the outputs of which will provide updates to SOC operations, SOC/IR alerting mechanisms and reductions in false positive alerts through tool rule and alert tuning.  
  • Enhance , Develop and Refine SOC alerts, dashboards and other SOC operational mechanisms
  • Develop SOC and IR Operations specific automations focused on speeding analysis and response
  • Participate in on-call rotation for after-hours security and/or engineering issues
  • Provide input into SIEM log sources, data dictionaries, log parsing, field labeling and other SIEM management activities as needed
  • Perform analysis uncovering attack vectors involving a variety, malware, data exposure, and phishing and social engineering methods.  
  • Support all SOC, Threat Hunt and IR activities as necessary
  • Perform analysis across all security tools uncovering attack vectors involving a variety, malware, data exposure, and phishing and social engineering methods
  • Monitoring security events received through alerts from SIEM or other security tools
  • Review and reporting on anomalous patterns (Hunting) across all security tools / SIEM
  • Participate in cross functional security projects as needed e.g. Purple team activities, vulnerability and risk management discussions, security tooling implementations, firewall analysis, threat hunting 
  • Participate in the remediation of incidents and responses that are generated from live threats against the enterprise.  

 

Preferred Skills:

  • Demonstrated proficiencies with one or more toolsets such as Core Impact and MetaSploit, Endgame, FireEye HX, Crowdstrike solutions
  • Experience and solid understanding of manual and automated penetration methods
  • Demonstrate the suitability and use of COTS and Open Source discovery and analysis toolsets
  • Demonstrate experience with a programming or scripting language (Perl, Python, Ruby, or .Net)

 

Desired Certifications: 

Note: One or more of the following may be required for consideration or attainment in the first 90 days of employment.

GIAC-GCFE - Global Information Assurance Certification Forensic Examiner

GIAC-GCFA - Global Information Assurance Certification Forensic Analyst

GIAC-GREM -  GIAC Reverse Engineering Malware

GIAC-GNFA - GIAC Network Forensic Analyst

GIAC-GCTI - GIAC Cyber Threat Intelligence

GIAC-GPen – GIAC Certified Penetration Tester

GIAC-GWAPT – GIAC Certified Web Application Penetration Tester

GIAC-GXPN – GIAC Exploit Researcher and Advanced Penetration Tester

CEPT - Certified Expert Penetration Tester (CEPT)

CASS - Certified Application Security Specialist (CASS)

CWAPT - Certified Penetration Tester (CWAPT)

CREA - Certified Reverse Engineering Analyst (CREA)  

 

About Valiant Solutions

Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. We are a HUBZone small business and we encourage all candidates who live in a HUBZone to apply. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you’ll learn to think quickly on your feet and expand your own personal and professional skill set. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect – and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.

 

Benefits Snapshot (includes, but not limited to)

Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees

Valiant contributes 25% towards Health Coverage for Family and Dependents

100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees

100% Paid Certifications

401K Matching up to 4%

Paid Time Off

Paid Time On – 40 hours to pursue innovation

Wellness & Fitness Program

Valiant University – Online Education and Training Portal

Reimbursement for Public Transit and Parking

FSA programs for: Medical Costs, Dependent Care, Transit, and Parking

Referral Bonuses

 

Remote Work Policy 

Remote work necessitates a high-level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that align with those of their coworkers and Valiant's clients. Additionally, in alignment with the Office of the Inspector General’s effort to eliminate conflicting employment, all Valiant employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval.  Employees may not solicit or conduct any outside business during core business hours for Valiant Solutions and our clients.

 

Vaccination Mandate

In accordance with Executive Order 14043, Federal employees and contractors are required to be fully vaccinated against COVID-19 regardless of the employee's duty location, or work arrangement (e.g., telework, remote work, etc.), subject to exceptions that may be required by law. If selected, you will be required to submit proof of vaccination on or before your entrance on duty if you are selected after the compliance date. Human Resources will provide information for providing proof of vaccination and instructions for how to submit a request for a legally required exception, if needed, to comply with vaccination requirements.

 

Equal Employment Opportunity

Valiant Solutions is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex (including pregnancy, sex stereotyping, gender identity, gender expression or transgender status), religion, age, marital status, sexual orientation, military/veteran status, physical or mental disability, genetic information/history or any other personal characteristic protected by law.

 

Physical Demands

Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

 

Authorization to Share Resume and Personal Information

By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed