Minimum Security Clearance
Top Secret/SCI Clearance
- CI or Full Scope Polygraph required
Location
Colorado Springs, Colorado 80920 (map)
Workplace: On-Site/Office
Travel: Not Specified
Functional Responsibility: Conduct ongoing monitoring and threat analysis; assess threat and vulnerability information from multiple sources and apply applicable mitigation techniques (triggering Indications & Warning); perform vulnerability analysis and periodic assessments across a client IT Enterprise in support of Operations & Maintenance activities; develop mitigation and remediation plans from vulnerability assessment findings; confer with users on issues such as security obligations, computer data access needs, and incident reporting mechanisms; and document information security/contingency measures policies, procedures and means of testing. Analyze general information assurance-related technical problems and provide basic engineering and technical support in resolving issues/problems. Design, develop, engineer and implement solutions that meet network security requirements. Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Perform intelligence analysis on adversary networks; apply knowledge of network fundamentals, open-source tools, and current tool implementation to devise fused analytic/collection strategies for pursuit and exploitation of cyber targets.
Professional Experience: Capability may be desired in one or more of the following areas:
• Involvement (instruction, mentoring and supervising) with respect to IT security monitoring and analysis, cyber threat analysis and vulnerability analysis
• Demonstrated ability to perform preliminary/front-line analysis and interpretation of presumed anomalies on IT Enterprise systems
• Established skill with controls, such as NIST 800-53 (“Recommended Security Controls for Federal Information Systems”), applicable to network security monitoring/analysis, cyber threat analysis, and vulnerability analysis
• Specific understanding of/familiarity with monitoring, evaluating, and interpreting vulnerabilities, Common Vulnerabilities and Exposures (CVEs), remediation techniques, mitigation measures, and performing vulnerability assessments
• Familiarity with state-of-the-art systems in use by commercial and USG IT security practitioners, furnished by (but not limited to) the following vendors: ArcSight, Symantec, McAfee, Snort (IDS/IPS Sensors) and Cisco
• Relevant professional certifications in IT security include (but are not limited to) the following:
o Certified Information Systems Security Professional (CISSP)
o Cisco Certified Security Professional (CCSP)
o ArcSight Certified Integrator/Administrator (ACIA)
o GIAC Certified Intrusion Analyst
o GIAC Certified Professional, Information Security Professional (GISP)
o Systems Security Certified Practitioner
Education, Certification and Training: Bachelor's Degree is desired or an equivalent number of years of domain experience.
Preferences
Employee
Industry Category: Cyber Defense Analyst
Compensation
Commensurate with experience