• SOC Analyst

    Koniag Government Services (Durham, NC)


    Tuknik Government Services, a Koniag Government Services company, is seeking a SOC Analyst to support TGS and our government customer in Durham, NC. This position requires the candidate to be able to obtain a Public Trust.

     

    We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

     

    Tuknik Government Services, a Koniag Government Services company, is seeking a SOC Analyst to support TGS and our government customer in Baltimore, MD/Durham, NC/Denver, CO. The ideal candidate will be able to obtain a Public Trust Clearance. This position involves providing 24/7/365 monitoring and analysis of security event alerts across the enterprise network. The SOC Analyst will monitor agency systems and daily log events to identify potential security threats, utilizing various sources such as sensor alert logs, firewall logs, content filtering logs, and Security Information and Event Management logs. The role requires reviewing all incoming alerts, investigating, and ticketing all identified potential security threats using the agency's incident response-ticketing platform. The SOC Analyst will validate traffic and/or network activity as anomalous according to agency standards and procedures, and will identify, investigate, and escalate potential security threats to senior agency resources when necessary. The position also involves measuring and modeling traffic, identifying patterns and ports, and producing reports, both contractual and ad hoc, providing information on events, trends, issues, and activity as requested by the federal customer. Additionally, the SOC Analyst will provide data for inclusion in the agency's CISA Report and investigate Open Source Threat Intelligence for the agency. The role may also require the creation of new intrusion detection signatures as needed.

     

    Work in a Security Operations Center (SOC) environment, providing detailed documentation of reported incidents utilizing ServiceNow. The candidate will function as a SOC Analyst performing triage, investigations, and responding to a wide variety of alerts.

     

    All employees are considered mission critical and are expected to report even during inclement weather conditions.

    Essential Functions, Responsibilities & Duties may include, but are not limited to:

    + Providing 24/7/365 monitoring and analysis of security event alerts across the enterprise network.

    + Monitoring agency systems and daily log events to identify potential security threats. Sources include, but not limited to, sensor alert logs, firewall logs, content filtering logs, and Security Information and Event Management logs.

    + Reviewing incoming alerts, investigating, and ticketing all identified potential security threats using agency incident response ticketing platform.

    + Prioritize all incoming alerts and responds accordingly in a timely manner.

    + Validating traffic and/or network activity (per alerts/logs) as anomalous in accordance with agency standards and procedures.

    + Identifying, investigating, and escalating potential security threats to senior agency resources when needed.

    + Measuring and modeling traffic, while identifying patterns and ports.

    + Producing reports, both contractual and ad hoc, providing information on events, trends, issues, and activity as requested by the federal customer.

    + Providing data for inclusion in the agency’s CISA report.

    + Utilize OSINT tools to identify and mitigate potential cybersecurity threats to the customer’s network.

    + Identifying the necessity for, and implementation of, the creation of new intrusion detection signatures.

    Work Experience, Knowledge, Skills & Abilities:

    + Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment.

    + Working knowledge of various SOC tools and their usage for detecting intrusion attempts.

    + Demonstrated experience creating custom intrusion signatures to detect specific network traffic anomalies.

    + Demonstrated experience in populating sensors with newly available signatures when responding to events or management requests.

    + Knowledge of potential threat reporting and tracking by means of at least one large-scale ticketing system (ServiceNow, CAPRS, or other similar system).

    + Ability to utilize email, instant messaging, and other monitoring tools to effectively navigate through the incident response process.

    + Strong oral presentation skills and the ability to articulate English in a clear and concise manner.

    + Demonstrated experience with Windows Operating System and Microsoft 365 tools.

    Requirements:

    + High School Diploma accompanied with related advanced training and certifications in cybersecurity or a related field. BS/BA degree preferred.

    + Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or CompTIA CySA+. Documented proof of certifications is required prior to the start of employment.

    + Experience with Windows Operating System and Microsoft 365 tools.

    + Great written and oral communication skills, with the ability to convey complex information clearly and effectively.

    + Must live within 2 hours travel of the designated Security Operations Center for which they are applying.

    + Must be able to obtain a Public Trust

    Nice-to-haves

    + Bachelor’s degree in computer science, or cybersecurity, or information technology.

    + Other advanced certifications such as Certified Ethical Hacker (CEH) or Certified Information System Security Professional (CISSP).

    + Home lab setup and participation in training platforms like TryHackMe or similar.

    Our Equal Employment Opportunity Policy

    The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

     

    The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at [email protected] or by calling 703-488-9377 to request accommodations.

     

    _Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit_ _www.koniag-gs.com_ _._

     

    _Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352_

    Job Details

    Job Family** **Client Techncial Support and Training

     

    Job Function** **Help Desk Support Tech

     

    Pay Type** **Hourly