SOC Analyst Security Clearance

Position: SOC Analyst with Security Clearance
Position Summary Northern Technologies Group (NTG) is seeking a highly motivated Security Operations Center (SOC) Analyst to support a mission-critical cybersecurity operations environment. The SOC Analyst will be responsible for monitoring, analyzing, investigating, and responding to cybersecurity events and incidents across enterprise networks and systems. This role requires experience in incident response, cyber defense operations, threat detection, and security monitoring within a Security Operations Center (SOC).

The ideal candidate will possess strong analytical skills, experience working with enterprise security tools, and a deep understanding of cyber threat actor tactics, techniques, and procedures (TTPs).

Essential Duties and Responsibilities
* Monitor and analyze security alerts generated from endpoints, IDS/IPS systems, Net Flow data, SIEM platforms, and custom security sensors.

* Identify, investigate, and respond to potential cybersecurity incidents and compromises across customer networks and endpoints.

* Perform detailed analysis of large-scale log data and correlate information across multiple data sources during incident investigations.

* Escalate validated threats and incidents to senior SOC personnel while providing detailed supporting evidence.

* Document investigative findings, actions taken, and recommendations within case management and knowledge management systems.

* Create, maintain, and distribute incident reports to customers, stakeholders, and leadership.

* Support Cyber Network Defense (CND) operations through protection, detection, response, and sustainment activities.

* Participate in shift operations supporting a 24x7 mission-essential environment.

* Maintain awareness of emerging cyber threats, attack vectors, and adversary TTPs.

* Contribute to knowledge sharing, mentoring, training, and continuous improvement initiatives.

Minimum Qualifications (Knowledge, Skills, and Abilities)
* Must be a U.S. Citizen.

* Must possess an active DoD Top Secret/ SCI security clearance

* Bachelor’s degree and 8+ years of relevant experience, Additional military service and relevant experience may substitute for degree requirements. Candidates without a degree must possess a minimum of 12 years of relevant experience.

* Minimum 2 years of incident handling and incident response experience.

* Minimum 2 years of Security Operations Center (SOC) experience.

* Experience supporting Cyber Network Defense (CND) operations within a Computer Incident Response organization.

* Demonstrated understanding of Cyber threat life cycles, Attack vectors and exploitation methodologies, Adversary tactics, techniques, and procedures (TTPs)

* Strong knowledge of: TCP/IP networking, Network protocols and ports, Traffic analysis, System administration, OSI model, Defense-in-depth security principles

* Ability to work independently in a fast-paced operational environment.

* DoD 8570 IAT Level II (or higher) certifications prior to start date (CompTIA Sec+, SSCP etc)

* Must also obtain a DoD 8570 CSSP-Analyst certification within six months of hire (CEH, CySA+, GCIA)

Preferred Qualifications
* Experience analyzing large volumes of:
Security logs, Net Flow data, Full Packet Capture (PCAP), Network forensic artifacts

* Hands-on experience with enterprise SIEM platforms such as:
Splunk, Arc Sight, QRadar, McAfee Enterprise Security Management (Nitro), Log Logic.

* Experience with: IDS/IPS technologies, Host-Based Security Systems (HBSS), Endpoint security tools, Malware analysis techniques

* Unix/Linux command-line proficiency.

* Scripting or programming experience.

* Familiarity with: MITRE ATT&CK Framework, Cyber Kill Chain Methodology, Intelligence-Driven Defense concepts
Physical Demands and Work Environment The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls.

The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate. Northern Technologies Group is an equal opportunity employer.

We do not discriminate based on race, color, religion, sex, national origin, disability, age, or any other protected status under federal, state, or local law. Travel 10% Shift Day Shift Note The company is an Equal Opportunity Employer, drug free workplace, and complies with ADA regulations as applicable. This job description is not designed to cover or contain a…