Cyber Security Intrusion Analyst

Description

Relocation Available

Cyber Security Intrusion Analyst – Intermediate

Monitors the overall security posture of the client’s host-based and network-based assets by detecting, analyzing and responding to security alerts and events.

Detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:

Computer intrusion analysis

Intrusion Detection

Computer network surveillance/monitoring

Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures

System log analysis

Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks

Demonstrated ability to document processes

Ability to work shift as required (night and day shifts).

Intermediate (3 – 5 Years of Experience)

Minimum of six (3) years of network defense/information assurance experience.

Experience with process development and deployment

Scripting experience

Prior experience with data correlation tools such as ArcSight, QRadar, LogRhythm, Splunk, etc.

Security Operations Center (SOC) experience.

Must be able to work collaboratively across agencies, other contractor vendors, and physical locations

Strong verbal and written communication skills.

Security Information and Event Management (SIEM) – detection and analysis, policy/signature (custom) development and management

Network Based Intrusion Prevention System (IPS) – detection and analysis, policy/signature (custom) development and management

Host Based Security System (HBSS) – event analysis and signature/policy development and management

Enterprise Firewalls – event/incident analysis and log review

Analytical skill and the ability to analyze customer requirements for security issues

Experience in developing, refining, and performing advanced analysis to uncover new or potential incidents

Experience in performing in-depth analysis and recommending defensive and proactive operations to defend against potential and malicious activity or inappropriate use by any internal or external entity (e.g. conducting malicious code activity analysis, determining the effects on a system or the network, assisting in gathering potential evidence for law enforcement)

Experience reviewing security architecture and design diagrams detailing ports, protocols, and services

Experience in assessing threat indicators (e.g. Malware/Malicious Anomalies/Abnormal network Activity/Root Level Compromise, etc.)

Experience in collaboration with other teams performing similar services identified as a part of the CND framework

Experience in preparing incident reports of analysis, methodology, and results.

Bachelor’s Degree in Computer Science or related technical discipline, or the equivalent combination of education, professional training, or work experience.

Atlanta, GA

None.

Secret clearance at a minimum but may require Top Secret/SCI in the future.

DOD 8570.01-M compliance at IAT Level II (GSEC, Security + CE, SSCP).

DOD 8570.01-M compliance for CNDSP Analyst (GCIA, C|EH, GCIH) *mandatory within four (4) months of assignment to CND role.

Source:http://chj.tbe.taleo.net/chj04/ats/careers/requisition.jsp?org=NETWSECU&cws=1&rid=181