Security Operations Center (SOC) Analyst - 2 positions

TDI is looking for two (2) Security Operations Center (SOC) Analysts to perform deep-dive incident analysis by correlating data from various sources and determine if a critical system or data set is affected. Handle incidents as defined in Playbooks and SOP's and advise on remediation actions.

RESPONSIBILITIES:

• Identify Cybersecurity problems which may require mitigating controls
• Analyze network traffic to identify, exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and/or intrusion related attempts
• Provide subject matter expertise on network-based attacks, network traffic analysis, and intrusion methodologies 
• Escalate items which require further investigation to other members of the Threat Management team     
• Execute operational processes in support of response efforts to identified security incidents
• Manage e-mail security using Proof Point, monitor for threats, and promptly respond to attacks
• Configure Splunk for log analysis, create alerts, and investigate security incidents diligently
• Monitor alerts closely, and conduct thorough security assessments   
• Set up FirePower for network monitoring, analyze traffic patterns, and enforce robust security measures
• Deploy Sentinel 1 agents efficiently across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC)
• Perform threat detection and analysis, investigate suspicious activity, coordinate incident response efforts, and implement remediation actions

• 4+ years of relevant work experience in a IT, SOC or NOC environment
• Bachelors Degree from an accredited College/University in the applicable field of services is preferred. Four additional years of relevant experience in lieu of a college  degree is required. If the individual’s degree is not in the applicable field then four additional years of related experience is required
• Experience with Splunk and MS Defender
• US citizen as this role will support a Federal agency