CSOC Analyst T1 - NC

Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers’ most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets. This position is CONTINGENT upon funding, an open position, customer approval, completion of a favorable background investigation, and the ability to obtain and maintain our customer's sensitive clearance. Nightwing is seeking to hire a CSOC Analyst. Candidates should have some work experience in Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Team (CIRT). Responsibilities Identification of Cybersecurity problems which may require mitigating controls Analyze network traffic to identify exploit or intrusion related attempts Recommend detection mechanisms for exploit and or intrusion related attempts Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies Escalate items which require further investigation to other members of the Threat Management team Execute operational processes in support of response efforts to identified security incidents Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc Follows strict guidance on reporting requirements Keeps management informed with precise, unvarnished information about security posture and events Promotes standards-based workflow both internally and in coordinating with US-CERT Engages with other internal and external parties to get and share information to improve processes and security posture Supervises and guide team efforts Communicates to CISO leadership Produces design documentation Leads analyzing/investigating reports or anomalies Requirements Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance Must have 2+ years of relevant work experience Must have experience in: Endpoint Detection and analysis Sysmon log analysis IT security Network traffic analysis Strong working knowledge of: Boolean Logic TCP/IP Fundamentals Network Level Exploits Threat Management Regular Expressions Knowledge of Control Frameworks and Risk Management techniques Excellent oral and written communication skills Excellent interpersonal and organizational skills Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies Strong understanding of common IDS/IPS architectures and implementations Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection Desired Skills Splunk experience, developing queries, data models, and dashboards Cloud monitoring experience is a plus Excellent writing skills Required Education Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education. Certifications (one or more desired) DOD 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), Sec+, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, or CCNA The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. Previously part of a leading Fortune 100 company and headquartered in Dulles, VA; Nightwing became independent in 2024 but continues to support the nation’s most mission impactful initiatives. When we formed Nightwing, we brought a deep set of credentials and an unfaltering commitment to the mission. For over four decades, our team has been providing some of the world’s most technically advanced full-spectrum cyber, data operations, systems integration and intelligence support services to the U.S. government on its most important missions. At Nightwing, we value collaboration and teamwork. You’ll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we’ll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients. Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team. At Nightwing, we value collaboration and teamwork. You’ll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we’ll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients. Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team. Nightwing is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class. Previously part of a leading Fortune 100 company and headquartered in Dulles, VA; Nightwing became independent in 2024 but continues to support the nation’s most mission impactful initiatives. When we formed Nightwing, we brought a deep set of credentials and an unfaltering commitment to the mission. For over four decades, our team has been providing some of the world’s most technically advanced full-spectrum cyber, data operations, systems integration and intelligence support services to the U.S. government on its most important missions. At Nightwing, we value collaboration and teamwork. You’ll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we’ll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients. Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team. Apply tot his job