Role Description Visual Soft, Inc is seeking qualified candidates to work on our efforts with a Prime for their end customer, a federal agency. - Position: SOC - Security Analyst (US Citizenship is a MUST) - (fully REMOTE with first 2 weeks onsite training in Shift 1- 8 AM to 5 PM) - Location: Washington, DC, next to Union Station metro - Compensation: Based on certifications, education and experience, very competitive - Various Shifts available. SHIFT TIMINGS: 3rd SHIFT- M-F 11PM-7:30AM The SOC Analyst has the primary responsibility of aggressively monitoring and responding to alerts triggered in the SIEM tool or requests for assistance from customers. The SOC Analyst will use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard the U.S. Courts systems. The SOC Analyst works as Tier 1/2 support and will be under a senior SOC analyst/shift lead for review before completing event notation to assure correctness in reviews. Events that require over 15 minutes of analysis are to be escalated to the Seniors on shift for analysis. Qualifications - Minimum of two (2)+ years of hands-on network intrusion detection experience with 3-5 years of total experience. - Ability to investigate and evaluate network traffic. - Ability to read and interpret log and sniffer packets, Wireshark. - Ability to analyze data from a variety of sources over time and create a logical narrative of observed behavior. - Ability to communicate clearly both orally and in writing. Requirements - Prior or ongoing experience (2+ yrs) of working in a SOC environment is a MUST. - First two (2) weeks will be on Shift 1, 8 AM to 5 PM for training; following that, the selected candidate will be moved to Shift 3. - Candidate will have 2+ years of hands-on performing intrusion detection analytics working with the examination of logs and console events in the following areas: Splunk, examining Snort based IDS events, PCAP, web server log review, and working in a SIEM environment. - Education Requirement: High School diploma preferred, industry certifications are desired such as CEH or Security+ or other industry certifications. - Clearance requirement: U.S. Citizenship is required. Benefits - 3 weeks of Paid time off (PTO that includes sick leave). Any unused PTO will be issued as a check at the end of an employee's anniversary with us. - 2 floating and 8 public holidays. Floating and holidays expire at the end of every year of service of an employee. - Company will cover 50% of health and dental insurances only for all full-time employees; dependents can be added at extra cost. - Employee's health and dental coverage becomes effective after 30 days or first of the month after an employee completes initial 30 working days. - STD, LTD and one-time salary equivalent of life insurance at NO cost to all full-time employees. - All full-time employees or W-2 employees with no benefits will be eligible to participate in the company's 401k program after 90 days of employment with a company match of 4%, immediate vesting. - All W-2 employees are eligible to be part of the company's profit sharing, no employee contributions required.

Role Description We are seeking a Junior ISRM Threat Analyst to support the organization’s cybersecurity operations by monitoring, analyzing, and responding to potential security threats. This is an entry-level opportunity ideal for candidates looking to gain hands-on experience in incident response, threat analysis, and security operations while working alongside experienced cybersecurity professionals. Key Responsibilities - Threat Monitoring & Analysis - Monitor SIEM, IDS/IPS, and other security tools for potential threats - Analyze security logs and alerts to detect suspicious activity - Research emerging threats, vulnerabilities, and attack vectors - Assist in maintaining and updating threat intelligence feeds - Incident Response Support - Assist in investigation and containment of security incidents - Collect and document evidence related to incidents - Follow established incident response procedures and playbooks - Support post-incident analysis and reporting - EDR Administration - Support management of enterprise EDR tools - Assist with deployment and testing of configurations and sensors - Collaborate with IT teams to troubleshoot endpoint security issues - Threat Hunting - Assist senior analysts in proactive threat hunting activities - Use threat intelligence tools to identify risks - Document findings and contribute to reports - Reporting & Documentation - Prepare security reports and presentations - Maintain accurate documentation of incidents and vulnerabilities - Contribute to security awareness materials - Continuous Learning - Stay updated on latest cybersecurity threats and best practices - Participate in training and pursue relevant certifications Qualifications - Bachelor’s degree in Information Systems, Cybersecurity, or related field - Basic understanding of cybersecurity concepts and tools - Knowledge of SIEM, IDS/IPS, and endpoint security tools - Strong analytical and problem-solving skills - Good written and verbal communication skills Preferred Skills - Familiarity with EDR tools - Network security fundamentals - Operating systems (Windows, Linux, macOS) - Exposure to threat intelligence platforms - Incident response processes - Basic knowledge of TCP/IP, networking, and security protocols - Vulnerability management concepts Nice-to-Have Certifications - CompTIA Security+ - CEH (Certified Ethical Hacker) - GSEC or similar entry-level cybersecurity certifications

• Responding to cyber security alerts within defined SLAs • Contributing to key initiatives to enhance the Cyber Security Operations team’s maturity and operational capabilities • Adhering to cyber security processes, procedures and other documentation while performing incident response duties • Assisting with development of documentation regarding how to perform specific incident response tasks • Analyzing security system logs, security tools, and available data sources to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection development and system tuning • Assisting in identifying monitoring/detection gaps and helping to drive them toward resolution • Escalating cyber security incidents to incident response analysts when appropriate • Identifying and actioning incident trends observed during triage and response activities • Assisting with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOP) • Assisting with cyber security awareness and education initiatives, as needed • Operating in a global on-call rotation and being available to respond outside of normal business hours, if necessary

• Provide direct support for external and internal audit efforts, specifically focusing on frameworks such as SOC 2 Type 2, ISO 27001, ISO 27017, ISO 27018, and ISO 42001. • Execute and document procedures for continuous monitoring and evidence gathering. • Implement automated solutions, including utilizing AI, to effectively reduce manual efforts associated with repetitive evidence collection tasks. • Review, edit and update internal security policies, standards and procedures to ensure they accurately reflect current operational controls and compliance requirements. • Assist in the supply chain risk management program by tracking vendor compliance documentation, reviewing vendor security posture, and maintaining the vendor risk register. • Participate in internal security audits and support the business development team by completing security questionnaires for Requests for Proposal (RFP), ensuring accurate and compliant representation of our controls.