Position Title: Information Security Analyst
Status: US Citizen
Clearance: ***MUST obtain and maintain an EOD (Entry on Duty) and a Top Secret/SCI Security Clearance. Those with active security clearances are preferred, but not required***
Our client has available positions for incident responders and network security monitoring analysts in a 24x7x365 SOC. Responsibilities will include, but not be limited to, network security analysis, monitoring and incident response.
Our Security Analysts work with and learn from experienced security team leaders and use the latest technology to detect, analyze and limit intrusions and security events. Candidates must be willing to work in a 24/7/365 SOC environment, demonstrate intuitive problem solving skills and allow for flexible scheduling.
-Perform network security monitoring and incident response for a large organization; coordinate with other government agencies to record and report incidents.
-Maintain meticulous records of security monitoring and incident response activities.
-Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
-Create, modify, and update IDS/IPS and Security Information Event Management (SIEM) tool rules.
-Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
-Be able to provide host-based forensics.
-Evaluate/deconstruct malware (e.g. obfuscated code) through open-source and vendor provided tools.
-Task other analysts and direct efforts to analyze the IDS and remediate security issues found.
-Train other analysts in roles and responsibilities.
-Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems. Assist with implementation of counter-measures or mitigating controls.
-Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
-Evaluate firewall change requests and assess organizational risk.
-Prepare briefings and reports of analysis methodology and results.
-Create and maintain Standard Operating Procedures and other similar documentation.
10+ years of professional work experience performing a similar technical discipline and a Bachelor's Degree in Computer Science or related discipline. 14 years of professional work experience performing a similar technical discipline with no degree.
-10 - 15 years of related professional experience within Information Technology and/or Information Security or equivalent combination of education and work experience. Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment and may be expected to work holidays. A good candidate should have some or all of the following traits: excellent analytical and problem-solving skills as well as interpersonal skills to interact with customers, team members and upper management; skill in Cyber Security Incident Response and Network Security Monitoring; an excellent foundation in computer networking (TCP/IP) and knowledge of Windows, Linux and Cisco operating systems and information security. Experience with ArcSight ESM, SIEM technologies, Splunk, McAfee NSM, antivirus, Wireshark, Microsoft Online Protection for Exchange (EOP), Firewalls and Sourcefire and/or similar tools is highly preferred. Knowledge of and experience with scripting and programming (Python, PERL, etc.) are highly preferred.
Desirable certifications include SANS GCIH, GCIA, GCFE, GREM, GXPN, GMON, OSCP, OSCE, OSWP, OSEE, Carnegie Mellon Certified Security Incident Handler, ISC2 CCFP, CCSP, CISSP, CHFI, EC-Council CHFI, LPT, ECSA and EnCase ENCE.
May require travel between Washington D.C. location and backup location in Bluemont VA.
Environment is 24x7x365. Day/Night shift; weekend and holiday work may be required per agreement with the hiring manager. A specific shift cannot be guaranteed but attempts will be made to place personnel on their desired shift.
Opportunity Employer M/F/D/V