Foxhole Technology, Inc.

  • SOC Analyst - Tier 2

    Job Locations US-DC
    Job ID
    Information Technology
    Regular Full-Time
    Clearance Required
    Secret/SSBI, Top Secret
  • Overview

    Organization: Depatment of Education

    Location: washington, DC

    Clearance: Top Secret

    Foxhole Technology provides gold standard solutions and service to our customers, including but not limited to: Security Incident and Event Management (SIEM); Continuous Monitoring and Risk Scoring (CMRS); Secure Configuration Management (SCM); Systems, Software and Network Engineering; Developmental Test and Evaluation (DT&E); and Authorization and Accreditation (A&A). Our in-depth expertise provides robust capabilities in penetration testing, program management and information security, as well as in all areas of cyber security engineering for DoD, Federal and Civilian agencies.

    Job Description

    The SOC Analyst Tier 2 monitors network traffic for security events and performs triage analysis to identify security incidents. This position responds to computer security incidents by collecting, analyzing and preserving digital evidence to ensure incidents are recorded and tracked in accordance with SOC requirements. SOC Tier 2 Analysts work closely with the other DoED teams to assess risk and provide recommendations for improving our security posture.

    • The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
    • Experience managing cases with enterprise SIEM systems like Arcsight, Splunk or Sourcefire.
    • Working knowledge of any of the following tools is required: McAfee EPO, Symantec Endpoint, RSA | Security Analytics, NIKSUN, Wireshark or other information security tools.
    • Conduct research on emerging security threats.
    • Provides correlation and trending of   cyber incident activity.
    • Develops threat trend analysis reports and metrics.
    • Supports SOC analysis, handling and response activity.
    • Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
    • Author Standard Operating Procedures (SOPs) and training documentation when needed. Shift work is required.

    Minimum Requirements

    • Bachelors or equivalent experience
    • 7+ years project related experience
    • Deep packet and log analysis
    • Some Forensic and Malware Analysis
    • Cyber Threat and Intelligence gathering and analysis

    Desired Experience/Certifications

    • One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security), Security + or equivalent.
    • 2+ years in an Incident Responder/Handler role
    • Ability/experience in training and supervising junior analysts.

    More Information

    The Department of Education, Cyber Security Operations Branch, is tasked with the mission to plan, coordinate, integrate, and conduct the activities necessary to ensure the protection and availability of the Department’s information infrastructure and assets. 

    Foxhole Technology provides support in three major areas:

    1. We operate and and maintain the ED Security Operations Center (EDSOC) that monitors, detects, analyzes, mitigates, and responds to cyber threats and adversarial activity against Department assets, networks, and information. The EDSOC supports the Department's Cyber Incident Responses Capability (EDCIRC) in rapidly responding and resolving incidents with minimal impact to the Department.
    2. We support Advanced Analysis, Response, and Research Services to include digital forensics, malware analysis, Insider Threat analysis, and cyber threat analysis. This capability area focuses on the activities necessary to investigate causes and sources of incidents and exploits based on evidence collection and the collection, analysis and production of cyber security intelligence information.
    3. We support the Vulnerability Management Program, which includes Independent Verification and Validation (IV&V), and Plan of Action and Milestones (POA&M) activities. The associated activities are the identification, tracking, reporting, and remediating vulnerabilities in the Department’s information systems as well as to verify and validate compliance to configuration standards.

    Foxhole Technology Commitments

    Accessibility and Accommodations
    For Individuals with Disabilities, Medical Conditions, or Physical or Mental Impairments: Foxhole Technology is committed to ensuring our employment process is open to all individuals. We provide reasonable accommodations to individuals who need assistance during any part of the employment process due to a disability, medical condition, or physical or mental impairment. Reasonable accommodations are considered on a case-by-case basis. If you are selected for further consideration and need an accommodation for any part of the application or interview process, please notify your Recruiting Representative. 


    Equal Opportunity Employer
    FoxholeTechnology is an Equal Opportunity Employer. We welcome and encourage diversity in our workforce. It is the policy of Foxhole Technology to provide equal employment opportunity to all employees and qualified applicants without regard to race, color, religion, national origin, sex, age, disability, pregnancy, sexual orientation, gender identity, transgender status, genetic information, protected veteran status, or any other protected characteristic under federal, state or local laws.


    Click Here to view the Pay Transparency Policy Statement.

    Click Here to see your rights under the Family Medical Leave Act. 
    Click Here for a summary of EEO rights on the "EEO is the Law" poster.
    Foxhole Technology participates in E-Verify. Download the PDF for more detail

    Former Employees
    We invite and encourage former employees to explore new opportunities with us. Rejoining the company can enhance newly acquired skills and build on the strong fundamental skills developed at Foxhole Technology. Employees that return to the company may be eligible for reinstatement of some benefits based on total years of service.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed