Our organization is looking for an experienced Cyber/Network Security Monitoring analyst for a 12+ month contract position in Herndon, VA and Washington, DC. If interested, please submit a current resume.
1. Job Title: Cyber/Network Security Monitoring
2. Location: Herndon, VA
3. Job Duration: 12+ months
4. Assignment Type: 1099, C2C
5. Pay Rate: Negotiable
6. Special Skills: 3+ years exp., cyber, incident response, network security, windows, Linux, cisco, ids, tcp/ip, siem, splunk, symantec
1 Tour 3 (3:30pm-12am) weekdays (Tier 2)
1 Tour 1 (11:30pm-8am) weekdays (Tier 2)
1 Weekend 1 (7am-7pm) plus 2 weekday 8 hour shifts (Tier 2)
2 Weekend 2 (7pm-7am) plus 2 weekday 8 hour shifts (Tier 2 and Tier 1) Tier 1/2
* Performs network security monitoring and incident response for a large organization and coordinates with other government agencies to record and report incidents.
* Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
* Monitors and analyzes Security Information and Event Management (SIEM) output to identify security issues for remediation.
* Knowledge of creating Security Information and Event Management (SIEM) tool rules.
* Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
* Communicates alerts to agencies regarding intrusions and compromises of their network infrastructure, applications and operating systems; assists with implementation of counter-measures or mitigating controls.
* Prepares briefings and reports of analysis methodology and results.
* Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indications and warnings of impending attacks against unclassified and classified networks.
* Recommends changes to Standard Operating Procedures and other similar documentation.
* Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
Experience and Education
* 1-3 years of related experience in information technology and/or information security preferred
* An understanding of Cyber Security Incident Response and Network Security Monitoring
* Fundamental understanding of computer networking (TCP/IP)
* Knowledge of Windows, Linux and Cisco operating systems and information security
* Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls, Sourcefire and similar tools preferred
Threat Management Specialist – Security Incident Threat Handler – Tier 2: Candidates must be willing to work in a 24x7x365 CSOC environment, demonstrate intuitive problem-solving skills and allow for flexible scheduling. Monitor network traffic for security events and perform triage analysis to identify security incidents. Respond to computer security incidents by collecting, analyzing and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with CSOC requirements. Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
Job Overview
* Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2
* The ability to take the lead on incident research when appropriate and to mentor junior analysts
* Experience managing cases with enterprise SIEM systems like Symantec, Splunk or Sourcefire
* Working knowledge of any of the following tools is required: Symantec Endpoint, Wireshark, EnCase, Splunk or other information security tools
* Conduct research on emerging security threats
* Provides correlation and trending of the Program's cyber incident activity
* Develops threat trend analysis reports and metrics
* Supports CSOC analysis, handling and response activity
* Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents
* Authors Standard Operating Procedures (SOPs) and training documentation when needed
* Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
Experience and Education
* 3-4 years in an Incident Responder/Handler role
* An understanding of Cyber Security Incident Response and Network Security Monitoring
* Fundamental understanding of computer networking (TCP/IP)
* Knowledge of Windows, Linux and Cisco operating systems and information security
* Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls, Sourcefire and similar tools preferred
* Deep packet and log analysis
* Some forensic and malware analysis
* Cyber threat and intelligence gathering and analysis
* Bachelor's degree or equivalent experience
* Knowledge of and experience with scripting and programming (Python, Perl, etc.) are also highly preferred
Performance Traits
* Excellent analytical and problem-solving skills
* Interpersonal skills to interact with team members, management, and CSOC stakeholders
* Self-starter
* Ability to lead with little direct supervision
* Ability to think outside of the box and to direct others when it is time to think outside the box
Certifications
Job Type: Contract
Required license or certification: