CSOC Analyst Security Clearance

Position: CSOC Analyst with Security Clearance
About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace.

The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit  to learn how we're keeping people around the world safe and secure. Program Overview About

The Role
** Position is Contingent Upon Award
** Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nation's vital organizations, working alongside leaders in cybersecurity engineering, operations, forensics, threat analysis, data science, and systems integration. Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks, ensure the confidentiality, integrity, and availability of its systems and operations infrastructure, and comply with federal and industry cybersecurity regulation.

As an analyst in a 24x7x365 Cybersecurity Operations Center (CSOC), the position monitors the company's networks and systems using Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) and Security Orchestration, Automation, and Response (SOAR) systems such as Splunk, Crowd Strike, Nessus Security Center, Axonius, Swimlane, Websense, Net Flow and other tools to identify and investigate anomalies and thwart cyberattacks.

Duties include analyzing security alerts, performing investigations, assessing threats, and implementing procedures to respond to incidents as a member of the company's CSOC team.

Primary Responsibilities:

The CSOC Analyst will be responsible to:
* As a member of a CSOC shift, monitor security reporting systems, dashboards and indicators of suspicious activity and unauthorized access for an extensive critical infrastructure covering 8 states

* Validate SIEM/EDR/SOAR security alerts, open case management investigations and perform investigations under the guidance of a lead analyst

* Review threat and vulnerability advisories issued by various government organizations and make recommendations to management

* Conduct research to determine the applicability of advisories to the company's environment

* Interact with internal Subject Matter Experts and functional groups to request information, discuss events, escalate issues and coordinate a response under the guidance of a lead analyst

* Formulate mitigation recommendations and document investigations

* Conduct open-source research and stay abreast of the latest cyber threats and security tools

Additional Responsibilities:
* Perform network and systems analysis of intrusion alerts to the network infrastructure and anomalous traffic, applications, operating systems, firewalls, proxy devices and malware detection, security incidents or anomalies flagged by monitoring tools, triage, and escalate them as warranted

* Perform in-depth security analysis of alerts from firewalls and reviewing system logs for suspicious patterns, perform preliminary incident response, event analysis and threat intelligence
* Investigate threats across multiple data systems and create incident review cases on notable events

* Investigate flagged alerts, determine if they are real threats, and follow designated response and containment procedures

* Confirm continuous data flows from system logs, PCAP captures, and intelligence feeds into the SIEM systems
* Review flagged events that are detrimental to the company's overall security posture; analyze and detect sophisticated and nuanced attacks, discern…