Cyber Security Operations Analyst

Arlington, VA | Cyber security

If you are passionate about all things cyber security, then the Cyber Security Operations Analyst role with Block.One is for you. The role will afford you the opportunity to work on, be exposed to and receive training on various cutting-edge security tools and data sets.

We are looking for a passionate Cyber Security Operations Analyst to join our team in Northern Virginia.

As a Security Operations Analyst for Block.One, you will be part of a team of individuals tasked with providing cyber security services for the company and its products.
 

Responsibilities

  • Security Monitoring and Analysis

  • Event Triage

  • Cradle to grave incident response

  • Malware research/investigation

  • Threat intelligence gathering and dissemination 

  • Digital forensics

  • Vulnerability assessments and reporting

 

Qualifications

  • BS/BA degree in Cyber Security/Computer Science or equivalent combination of related work experience desired.

  • 5+ years of verifiable experience in the Security Operations space; Security Operations Center (SOC) experience a plus.

  • Experience performing analysis with Security Information and Event Management (SIEM) technologies such as Splunk, ArcSight and OSSIM.

  • Ability to gather and interpret information through the use of computer network defense and forensics tools. 

  • Past experience leveraging threat intelligence data feeds in order to bolster the overall visibility of possible and known threats, and leveraging this data in order to put measures in place to detect and counteract said threats.

  • Experience performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.

  • Strong working knowledge of TCP/IP stack, as well as L7 protocols (e.g. HTTPS, HTTP, SMTP, DNS) 

  • Possess an in-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPSes, WAFs, Endpoint Detection and Response (EDR) tools, etc.

  • Very strong understanding of networking protocols, operating systems and cyber security concepts and technologies. 

  • Experience with vulnerability assessments - scanning the environment, generating reports and engaging with system owners and stakeholders to make certain that any observed vulnerabilities or security concerns are addressed/remediated.

 

Preferred Skills

  • GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User, Splunk Admin, EnCE or similar certifications. 

  • Experience performing security analysis and writing content for one or more SIEM technologies. 

  • In-depth understanding of the current cyber threat landscape.

  • Excellent communication skills, verbal and written.

  • Experience and proficiency with writing guidelines, processes and procedural documentation.

  • Ability to perform read-outs of analysis and research to various audiences. 

  • Self-starter, team-player with the ability to coordinate and collaborate on multiple issues simultaneously with various stakeholders.

  • Experience with troubleshooting complex issues in a very technical environment.

  • Proficiency with case management and ticketing systems.

  • Ability and willingness to mentor and train new/incoming Analysts.
