SOC Analyst
Tuknik Government Services

Tuknik Government Services (TGS), a Koniag Government Services (KGS) company, is looking for experience SOC Analysts to support our government customer in Lakewood, CO.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

The Security Operations Center (SOC) is responsible for monitoring and enforcing compliance with documented and distributed system security standards. SOC protects client's critical assets by anticipating and leading the response to potential computer-related threats and vulnerabilities. Several systems within the security architecture allow the SOC the ability to identify threats in a proactive manner. Staffing dedicated to this effort provides the continuity of effectiveness necessary for client to respond to more advanced threats, and to adapt to network changes initiated by other Systems components. In addition, the correlation of events with data collected from other SOC initiatives will substantiate a more complete analysis of current network stability against threats.

The objective is to ensure client has suitable personnel and processes in place to properly identify investigate, and remediate inappropriate and suspicious network behavior within the Enterprise Network. This activity is performed at approximate real-time to mitigate common, new, and unknown threats to client's Information System Network. The pay for this position is $26/hr to $36/hr, based on experience and education.

Shifts: Sunday to Thursday from 8pm to 430am OR Tuesday to Saturday from 7pm to 330am.

Essential Functions, Responsibilities & Duties may include, but are not limited to:

The contractor shall monitor, analyze, and manage the health of the network security operations systems. The contractor shall respond to events by documenting and investigating alerts generated by these systems.

• Provide 24/7/365 monitoring and analysis of Security event alerts across the enterprise network.
• The contractor shall monitor agency systems and daily log events to identify potential security threats. Sources include, but not limited to, sensor alert logs, firewall logs, content filtering logs, and Security Event Manager.
• The contractor shall utilize email, instant messaging, and other monitoring tools to remain aware of current network threats
• The contractor shall review all incoming alerts, properly investigate and ticket all identified potential security threats within the agency incident response-ticketing platform.
• The contractor shall open a ticket for every potential security threat encountered and investigated throughout the course of their shift.
• The contractor shall analyze all levels of potential security threats and document findings within the agency incident response ticketing platform
• The contractor shall validate traffic and/or network activity (per alerts/logs) as anomalous in accordance with previously established Standard Operating Procedures, will be provided at the start of this subtask.
• The contractor shall identify, investigate, and escalate potential security threats to senior technicians residing in the Threat Remediation and Vulnerabilities Branch in accordance with established Standard Operating Procedures.
• The contractor shall utilize agency Security Event Manager Software to measure and model traffic, while identifying patterns and ports.
• The contractor shall manage the resolution of computer security events that affect client's information systems through the use of SOC provided incident response ticketing system.
• Use the incident response-ticketing platform to determine and document problem status, resolution, and prevention measures.
• The contractor shall produce ad-hoc reports as directed by the task manager.
• Provide written reports to the SOC Manager detailing all security events related to network security matters and submit these reports according to the procedures and reporting requirements established in the SOPs and guidelines.
• The contractor shall prepare monthly reports for insertion into the US-CERT Report.
• The contractor shall prepare a monthly report on the status and progress of all current open security incident tickets and ad-hoc assignments.
• The contractor shall perform a preliminary analysis of collected data.
• The contractor shall investigate Open Source Threat Intelligence in accordance with established procedures.
• The contractor shall communicate information to remediation technicians within the Threat Vulnerabilities and Remediation Branch, and may be required to provide assistance with remediation after the technicians are consulted.
• The contractor shall also identify the necessity for, and implementation of, the creation of new intrusion detection signatures.

Education:

• Required ACTIVE cert: CompTIA A+
• Also, at least one of the following ACTIVE certifications is required:
  • CompTIA Security+
  • CompTIA CySA+
  • CompTIA Network+
• 3-4 years of experience in application related system administration and/or related field.
• BS Degree in Computer Science or related field preferred.

Work Experience, Knowledge, Skills & Abilities:

• The contractor shall possess a working knowledge of Security Operations and the role such systems play in detecting intrusion attempts.
• The contractor shall have comprehension of, and experience with, most viruses and worms, which may infiltrate and propagate throughout a large network.
• The contractor shall provide potential security threat reporting and tracking by means of the Change Asset Problem Reporting System (CAPRS) and other Incident Response specific support systems, as directed by the task manager. Client will provide training, limited to Agency specific software, processes, and procedures.
• The contractors shall have strong oral presentation skills and the ability to articulate English in a clear and concise manner.
• Must be able to obtain a client sponsored Public Trust level of adjudication.
• Contractors may be required to report for duty during period of inclement weather and other emergency situations. If a contractor is required to report for duty, the COTR, or an assigned alternative, will personally notify the contractor's Program Manager, or an assigned alternate. This could include being asked to report to an alternate location.

Working Environment & Conditions:

This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand; walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The work load may require the incumbent to sit for extended periods of time. The incumbent must be able to read, do simple math calculations and withstand moderate amounts of stress. The incumbent must occasionally lift and/or move up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations. This contact information is used for accommodation requests only and cannot be used to inquire on a status of your application.

About Our Company:

Tuknik Government Services (TGS) is 8(a) certified company providing leading edge information technology solutions and professional services to Government clients. Our approach is to provide experienced and talented teams that utilize industry best practices to support our clients in identifying and implementing "world class" solutions for their vital program requirements. TGS optimizes performance by using the latest in cutting edge technologies to build and deliver solutions. TGS helps clients meet their performance objective by delivering a vast array of services ranging from large and complex IT and business services to highly specialized work place systems. We focus on performance improvement as well as the processes, leadership and behavior dynamics that underpin the achievement that supports business success.

EOE Minorities/Female/Protected Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352

#LI-DM1

This job has expired.