Information System Security Specialist


Description: 
Join Newberry’s Team as a Computer Network Defense Technician and become part of a rapidly growing and successful organization focused on today’s emerging cyber security threats. The successful candidate will possess current technical skills and have experience supporting 24×7 EEMSG Cisco Ironport devices.



All ESDNA EEMSG analysts must be able to perform the following duties:
    • Protect, detect, and respond to suspicious/malicious email traffic IAW CJCSM 6510.01.
    • Provide continuous, 24×7 monitoring of EEMSG Cisco Ironport devices to identify suspected malicious email traffic, including phishing attempts and malware/virus events, and implement mitigation strategies, including custom EEMSG filters based on known indicators of malicious email drawn from open and closed source reporting and from ESD-NA internal research.
    • Analyze EEMSG Cisco Ironport alerts, message quarantines and message tracking data to determine if a CJCSM 6510.01 reportable event has occurred. Analysts will leverage additional data sets including, but not limited to: Host Based Security System (HBSS), various Log Analysis Warehouse Tools (LAWT) such as Sensage and Splunk, network sniffers and DISA Community Data Center (CDC) tools.
    • Generate long form incident reports for suspected suspicious/malicious email traffic for distribution to the subscriber or provide TIPPER to the user’s organization CC/S/A/FAs CND provider alerting them to the possibility that a reportable event has occurred.
    • Report all suspected suspicious/malicious email traffic to US Cyber Command via DISA Command Center (DCC) using DIAMS and JIMS ticketing systems.
    • Identify use case scenarios for useful SQL queries using LAWTs to inform analysts of inbound or outbound mail that goes against the existing EE security policy.
    • Monitor several different intel sources on the SIPRNET and NIPRnet for “targeted email threats”, and create signatures for EEMSG Ironports based on that intel.
Requirements:
  • Must be able to work shift work.
  • Must possess a top secret clearance.
  • Must have a Security+ certification.
  • CEH desired, must have the ability to obtain CEH within 6 months of start.
  • Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
  • Experience working with network sniffing tools such as Wireshark, Splunk, Sourcefire, Sensage.
Desired skills:
  • CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
  • Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics.
  • Experience with malware analysis concepts and methods.
  • Understanding of Linux and basic Linux commands; understanding of mobile technology and OS (i.e. Android, iOS, Windows).
  • Scripting and programming experience (PowerShell; Bash/Perl/Python scripting).
  • Motivated self-starter with strong written and verbal communication skills.
  • Familiarity or experience in Lockheed Martin’s Intelligence Driven Defense and/or Cyber Kill Chain methodology.
  • Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification.
The Newberry Group, Inc. is an Equal Opportunity Employer – EEO/AA/Disability/Veteran
Location: Honolulu, HI
Minimum Experience (yrs): 2+
Required Education: Bachelor’s Degree
Benefits: 401K/Roth 401K
Dental
Education & Training Reimburs.
Employee Assistance Programs
Employee Referral Bonus Program
Flexible Spending Account
Group Basic Life
Long Term Disability
Medical
PTO & Holidays
Short Term Disability (Optional)
Voluntary Life Insurance
Voluntary Vision

Source: http://search3.smartsearchonline.com/newberrygroup/jobs/jobdetails.asp?job_number=5641&sourcename=Indeed
