CSOC Analyst

Overview

Visual Connections is seeking a CSOC Alert Analyst
. As a CSOC Alert Analyst
, you will play a critical role in supporting the mission of the Veterans Affairs (VA) by monitoring key cybersecurity systems for intrusions and vulnerabilities amongst VA’s application environments.

Veterans are encouraged to apply. Position is currently remote but could move to onsite in Martinsburg, WV, Hines, IL, or Austin, TX.

• The analyst is the first line of defense, responsible for reviewing and triaging alerts generated by Prisma Cloud. This includes identifying if the alert is a true positive or a false positive.
• Use Prisma Cloud's features to enrich alerts with critical context, examining the affected asset (e.g., a container, serverless function, or virtual machine), its environment (production vs. development), its network exposure, and any associated user or service identities to determine severity and business impact.
• Prioritize the most critical alerts using Prisma Cloud's risk scoring and attack path analysis.
• For true positive alerts, perform deeper investigation by reviewing logs, network traffic, and forensic data within Prisma Cloud's dashboard.
• Proactively hunt for potential threats using Prisma Cloud's tools, including anomalous activity, suspicious network connections, or unauthorized changes to cloud configurations.
• Identify root causes of incidents, such as why a vulnerable container was deployed to production or why a user has overly permissive access.
• Work with security orchestration, automation, and response (SOAR) playbooks, often integrated with Prisma Cloud, to trigger automated response actions (e.g., disable a compromised user account or apply a "virtual patch").
• When automation isn't possible, provide technical teams with specific, actionable remediation steps (e.g., guidance on which misconfigured S3 bucket to lock down).
• Document investigations and communicate clearly to stakeholders. Escalate high-priority incidents to senior analysts or incident response teams with necessary context.
• Fine-tune Prisma Cloud policies to reduce alert fatigue, collaborating with senior engineers or Dev Ops to adjust policies or exclude resources as needed.
• Contribute to creating new detection rules based on emerging threats or new compliance requirements using Prisma Cloud's policy-as-code capabilities.

• Bachelor's Degree or higher with 3-10 years of experience, or 5 years minimum experience may be considered in lieu of a degree.
• Familiar with monitoring security dashboards.
• Experience with Palo Alto Prisma Cloud or similar tools; XSIAM experience a plus.
• Experience with Agile project management methods and frameworks such as SCRUM.
• Exceptional written and verbal communication skills.
• Strong planning, organizational, and time management skills.
• Exceptional analytical and conceptual thinking skills.
• Ability to work second shift (15:00 to 23:00 EST).
• Strong leadership skills and ability to work collaboratively with a team of peers.

• Visual Connections, LLC offers a full benefits package including:
  Full Medical, Dental, Prescription and Vision health care.
• 11 Paid Holidays annually.
• Paid time off.
• Short Term, Long Term Disability and Life Insurance.
• Employee Assistance Program (EAP).
• Training and Development opportunities including professional certification and educational reimbursement.

Visual Connections, LLC provides employment opportunities for all employees and applicants in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

We are a Service-Disabled, Veteran-Owned Small Business; and a Certified Maryland Business Enterprise. We were established in 2007 to provide public and private sector clients with robust web-based applications, Health IT and Portfolio and Program Management services. We have proven ourselves to be valuable partners who can deliver both qualitative and quantitative results to our clients. Our versatile, efficient and experienced team has a stellar record of past performance, working with the Department of Defense (DoD), Department of Health and Human Services (DHHS), Veterans Health Administration (VHA), Centers for Medicare and Medicaid Services (CMS), Centers for Disease Control and Prevention (CDC) and Blue Cross Blue Shield (BCBS).

With an employee base well versed in different disciplines, we are able to deliver high quality customizable solutions.