Network Security Specialist / Incident Response Analyst / Cybersecurit

Company: Focused Cyber, LLC
Location: Arlington
Posted on: February 19, 2021

Job Description:

Focused Cyber has an opportunity for 2 Network Security Specialists to support one of our Federal Customers in the DC Metro Area!

Give us the chance to make you a good offer!

Position Criteria

Clearance Level: TS (with SCI eligibility preferred)
Citizenship: US Citizenship
Location: Arlington, VA

Position Description

The Network Security Specialist / Incident Response Analyst is responsible for examining malicious software, suspicious network activities, and non?authorized presence in the network to analyze the nature of the threat, and secure and monitor firewall configurations. The Network Security Specialist needs to understand the specimen---s attack capabilities, its propagation characteristics, and define signatures for detecting malware presence. By understanding the network principles and security, this expert can build a robust network that provides the proper functionality and correct level of security.

Qualifications

Basic Qualifications

• A Bachelor---s Degree in Computer Science or a related IT field and a minimum of 5 years technical experience required.
• Selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
• Ability to understand and learn technical specifications, system requirements and other application design information as needed.
• Basic understanding of Network Administration and Network Security.
  
  Preferred Qualifications
  
  • DHS EOD or the ability to obtain one. Must already have a final TS clearance with SCI eligibility
  • Previous experience providing on-site consulting support for a technical project, preferably with a federal and/or state customer.
    Responsibilities Include:
    
    Technical analysis of network activity; the analyst monitors and evaluates network event data, signature-based IDS events and full packet capture (PCAP) data.
    
    • Triage IDS alerts; collect related data from various network analysis systems, review available open and closed source information on related threats & vulnerabilities, prepare initial summary reports.
    • Monitor and analyze signature-based IDS alerts and associated packet (PCAP) data
    • Analyze network flow data for anomalies and to correlate reporting with enterprise-wide network activity
    • Document key event details and analytic findings in an incident management system
    • Provide oversight and assessment of incident response and triage actions across a large enterprise
    • Identify & extract network indicators from incident reporting and published technical advisories/bulletins
    • Perform incident correlation & escalation
    • Recommend new IDS signatures and detection strategies.
    • Produce final reports and review incident reports from other analysts.
    • Communicate and collaborate with analysts from other SOC organizations to investigate cyber events.
    • Assess cyber indicators/observables and collaborate in the development of IDS signatures and detection mechanisms.
    • Monitor and report on trends and activity on network sensor platforms.
    • Provide technical assessments of cyber threats and vulnerabilities
    • Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise
    • Develop, maintain and update standard operating procedures
    • Provide routine status updates for ongoing projects, trouble tickets, incidents, and other related tasks
    • Maintain awareness of major events and trends in the cyber security landscape
    • Research and evaluate emerging capabilities
    • Ensure that all alerts are monitored, interpreted, analyzed, and investigated
    • Utilize external reporting tools for threat intelligence
    • Monitor all security-relevant logs and alerts for signs of compromise, attack, or system misuse and policy violations
    • Innovate new methods to use existing tools and data sources, and identify and obtain new data sources, to detect cyber intrusions
    • Write detailed incident reports
    • Collect incident and investigation metrics and trending data, identify key trends, and provide situational awareness on these trends
    • Monitor all-source threat reporting
      Focused Cyber, LLC is an Equal Opportunity Employer.
      
      Main Number: or
      
      Powered by JazzHR
      
      KNoQJw3oPQ

Keywords: Focused Cyber, LLC, Arlington , Network Security Specialist / Incident Response Analyst / Cybersecurit, Professions , Arlington, Virginia