© Copyright 2024 Constellation GovCloud®. All rights reserved.
About Constellation
Constellation GovCloud (CGC) is a platform that uniquely accelerates compliance with requirements such as FedRAMP and StateRAMP. Once authorized, CGC enables these technology platforms to stay compliant through continuous monitoring and makes these compliant solutions available to end users and partners through a unique cloud marketplace.
About this role
We are looking for a Senior Cloud SOC Analyst that knows security operations cold, has deep experience with heavily regulated cloud environments and likes to build. The CGC SOC Analyst 2 will be responsible for continuous monitoring of CGC environments and the creation of detection analytics to align with NIST 800-53 Rev 5 requirements and MITRE ATT&CK techniques. The SOC Analyst 2 will serve as the initial escalation point for investigations and will mentor other analysts. Strong understanding of MITRE D3FEND and preventive security measures is a plus.
At Constellation GovCloud, you will:
- Develop the continuous monitoring of Constellation GovCloud’s Azure platform using a variety of industry-leading and proprietary monitoring and scanning technologies.
- Serve as the initial escalation for a team of SOC analysts providing monitoring and incident response.
- Develop and maintain analytics to identify MITRE ATT&CK techniques and misalignment with NIST 800-53 requirements.
- Work with the Engineering team to ensure proper configuration and coverage for the MITRE D3FEND framework.
- Mentor analysts with a focus on understanding detection engineering and analytical analysis.
- Support all CGC policies and procedures required to achieve and maintain FedRAMP, StateRAMP and other compliance standards.
- Obtain appropriate certifications (cloud security certifications as an example) for technical and security operations-related professional growth.
We’re looking for someone who has:
- 4+ years of experience excelling in a Security Operations Center (SOC), including mentoring junior analysts, with demonstrable experience with cloud-based workloads subject to FedRAMP or similar NIST requirements.
- Deep experience with these technologies:
- SIEM + SOAR for reporting and analysis, with deep experience in Splunk
- Endpoint security solutions including TrendMicro or similar
- Infrastructure and database scanning with Tenable or similar
- Cloud Monitoring such as Azure Monitor and AWS Config
- Familiarity with:
- DAST + IAST for application scanning including Acunetix
- Container scanning including BlackDuck and Trivvy
- Strong verbal and written communication skills and strong analytical and problem-solving abilities to analyze, organize and translate complex technical concepts into clear and digestible information.
- Ability to work independently or as a member of a team on various tasks and identify goals and tasks that are attainable and appropriate for ensuring CGC’s success.
- Bachelor’s degree or higher from a nationally accredited university in a related field or equivalent level certifications (i.e. SSCP, CASP+, GCIH, Microsoft Certified: Azure Security Engineer Associate, AWS Certified Security Specialty)
- Must be a U.S. Citizen.
Benefits and Perks:
At Constellation GovCloud, we want to empower and inspire employees to be and do their best. Workdays are dynamic, collegial, and fun. Our office features multiple places to work unconstrained by typical office barriers. Our wellness package provides access to an on-site gym and includes medical, dental, and vision insurance along with options for FSA and EAP. We offer 401(k) with employer match, unlimited PTO, and a culture respectful of the reality that not everything in one’s personal life is guaranteed to happen only after hours.This employer does not discriminate based on race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, veteran status, or any other status protected by applicable law or regulation. It is our intention that all qualified applicants be given equal opportunity and that selection decisions be based on job-related factors.
Job Information
Industry
Technology
Work Experience
4+ years
City
Tysons Corner
State/Province
Virginia
Country
United States
Zip/Postal Code
22182