CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the Unites States.
we are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco bay area including City and County of San Francisco, San Mateo County, and Santa Clara County.
We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team who guide you along the way, offers key insights into what helps you stand out in a competitive job market.
If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.
Senior SOC Analyst - Back-Half Night Shift
Washington, DC - Onsite
ACTIVE TOP-SECRET CLEARANCE
$100K-$130K
We are seeking SOC Analyst for multiple opportunities that are 100% onsite in Washington, DC. ALL APPLICANTS MUST HAVE AN ACTIVE TOP-SECRET CLEARANCE. NO EXCEPTIONS!!!!
Must be willing to work the following 12-hour shift, including Holidays:
7 pm-7 am Thursday-Saturday and every other Wednesday
You will be required to take an in-person hands-on keyboard interview assessment to be considered.
There is a mandatory 90-day probationary period of performance.
Must have at least 5-8 years of experience.
MUST be proficient in the following areas:
Must be currently supporting 24x7x365 SOC or Cyber Watch operations for a Federal Government agency.
Must have the ability to assess complex environments, establish situational awareness, and immediately contribute to mission success.
Must be a self-starter with the ability to quickly assume responsibilities and make an immediate positive impact on team objectives.
Must be able to work with minimal to no supervision.
Must be able to learn new technologies and techniques provided by the SOC Chief as well as "On your own".
Must be able to read, write, and comprehend at the advanced level.
Must be able to read, comprehend, and apply standard operating procedures, playbooks, and directives provided by the SOC Chief.
Must have applied knowledge of the full Triage & incident response process to determine if an event is a true positive or false positive.
Must be able to hypothesize during an event to determine an outcome.
Must have intermediate-advanced understanding of various cyber-attacks (new and old) across various platforms and environments including Active Directory, Windows, Linux. Cloud is a plus.
Must know how to perform and create intermediate-advanced custom Splunk searches in Splunk Enterprise Security to obtain various information for various cyber investigations as needed and/or requested by senior leadership.
Must know how to perform intermediate-advanced threat hunting in Splunk for various cyber-attacks including, but not limited to: Active Directory Attacks, User Behavior Analysis, Privileged User activity, Advanced Persistent Threat (APT) activity, and other ad hoc searches as needed and/or requested
Must be able to perform intermediate-advanced level root-cause analysis using various native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds, EnCase, AWS Guard Duty, AWS Security Hub)
Must be able to perform intermediate-advanced level host-based log and registry analysis.
Must be able to perform intermediate-advanced level log correlation to investigate various cyber events and incidents using native and security tools (Splunk Enterprise Security, Trellix, ACAS, SolarWinds, EnCase, AWS Guard Duty, AWS Security Hub)
Must have intermediate-advanced understanding and applied knowledge of networking fundamentals to include, but not limited to most common ports and protocols, what they are, and how they work)
Must have an intermediate-advanced understanding and applied knowledge of command line tools to obtain information needed for triage analysis including, but not limited to windows command line, Linux command line, PowerShell, etc.
Must be able to assist junior level analysts with various investigations as needed.
Prior Help desk and system administrators with ticket handling, Active Directory, and command line scripting experience preferred and are encouraged to apply.
Education Requirements
A bachelors or higher degree is highly preferred and a DOD IAT III certification
Clearance Requirements
Active Top-Secret with SCI/Q eligibility