MAXIMUS is a leading operator of government health and human services programs in the United States, United Kingdom, Canada, Australia and Saudi Arabia. The Company delivers business process services to improve the cost effectiveness, efficiency and quality of government-sponsored benefit programs, such as the Affordable Care Act, Medicaid, Medicare, Children’s Health Insurance Program (CHIP), Health Insurance BC (British Columbia), as well as welfare-to-work and child support programs around the globe. The Company’s primary customer base includes federal, provincial, state, county and municipal governments. Operating under its founding mission of Helping Government Serve the People®, MAXIMUS has more than 16,000 employees worldwide.
The Security Operations Center (SOC) Analyst is responsible for accurate and rapid response to security events as part of the rotational 24x7 operations of the SOC. Their objective is to manage, implement and monitor the strategic security monitoring and operations program to ensure the confidentiality, integrity, and availability of information owned, controlled or processed by the organization.
Preferred Certifications: ECIH, GCIA, GCIH, or similar
Experience mitigating and addressing threat vectors including Advanced Persistent Threats (APT), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
2-4 years' experience analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, Web Application Firewalls (WAFs), Anti-Virus, and/or other security logging sources. Experience performing security analysis utilizing Security Information and Event Management (SIEM) technologies.
Possess a strong understanding of network communications protocols: TCP/IP, HTTP, DNS, and TLS. Experience with static and dynamic malware analysis. Experience writing custom protocol decoders. Possess an in-depth understanding of Windows system internals. Familiarity with Remote Access Tools and other network attacker tools.
Ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, defend the analysis, and apply attribution to cyber threat activity
Knowledge of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits
Working knowledge of Linux, Windows, and Network Operating Systems