The analyst is responsible for monitoring client networks to detect suspicious and hostile activity that would jeopardize the integrity of information systems. Analysts are responsible for reviewing logs from various security tools and network traffic analyzers. Analysts must be able to compile information and prepare computer security incident reports based on intrusions, events, and incidents that are detected. Analysts will work closely with network engineers and system administrators to ensure mitigation of all activity detected. In addition, analysts must assist in the evaluation, research and development of computer and network security tools.
· Constant monitoring of intrusion detection systems.
· Creation of technically detailed reports based on intrusions and events.
· Provide assistance in computer incident investigations.
· Analyze and evaluate anomalous network and system activity.
· Assist in troubleshooting and solving a wide variety of client issues.
· Collaborate well with members of the IAM team on daily policy issues.
· Provide quality customer service with excellent communication skills.
· Recommend modifications to access control lists to prevent and mitigate intrusions.
· A total of seven years relevant IT experience: four years of relevant IA and/or security experience, and a Bachelor’s degree.
· Ability to apply for and maintain a clearance and/or have an active Security Clearance.
· Night shift, working 12-hour shifts on a rotating basis, working no more than 3 nights in a row.
· An advanced understanding of current threats and trends present in the Information Security and Technology field.
· Advanced knowledge of network technologies and protocols.
· Understanding of network hardware devices and experience configuring Access Control Lists or other firewall or router configurations.
· Ability to demonstrate strong knowledge of computer security concepts.
· DOD 8570 Compliance, or the ability to quickly obtain and maintain active security certifications: Network+, Security+, GCIA, GCIH, CEH.
· Initiative and a personal interest in Information Technology Security.
· People skills and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details.
· Have used network security analysis tools such as Snort, tcpdump, Wireshark, and other host- or network-based Intrusion Detection Systems.
· Experience with system vulnerability assessment.
· Familiar with computer forensic tools (FTK, EnCase) or other network forensic applications.
· Knowledge of Linux/UNIX and Windows OS security.
· Knowledge of computer programming languages and scripting languages. Previous scripting and coding experience is desired but not required.
· An understanding of DOD and Army information assurance policy and regulations.
· Excellent written and verbal communication skills.
· Excellent problem-solving skills.
: United States-Maryland-Aberdeen