The coordinated terrorist attacks on the morning of September 11, 2001 forever impacted the course of history and the American way of life. Those attacks resulted in the creation of the Transportation Security Administration (TSA), designed to prevent similar attacks from occurring in the future.
CSRA supports the TSA, the leading Counterterrorism Agency for the US Government, by managing its worldwide IT environment. Our day-to-day mission is to provide that support in such a way that TSA can protect every single one of those 695 million people equally well, thus protecting our transportation infrastructure and ensuring freedom of movement for people and commerce. The IT Infrastructure Program Bridge Contract provides comprehensive IT managed services towards the sustainment of some of the customer's most critical IT systems and applications.
Currently, we are seeking a Cyber Security Analyst Senior in Arlington, VA. The selected candidate must be able to obtain government security clearance, per contract requirements (Clearance Level: Secret / EOD).
This position performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators. Investigates cyber incidents, analyzes logs, and verifies the health of security systems. Ensures chain of custody and control procedures, documents procedures and findings in a manner suitable for presentation and prepares comprehensive written notes and reports. May be required to present findings to customer and company leadership. Includes application of technical principles, theories, and concepts typically obtained from a prolonged course of study.
So what is required of a Cyber Security Analyst Senior on a day-to-day basis? There is a myriad of tasks and responsibilities, such as:
* The administrator is responsible for the care and feeding of the Splunk servers. This individual will be responsible for the installation of the main Splunk server(s) as well as the configuration and installation of all Splunk forwarders on a multitude of different operating systems.
* Generates security incident tickets to address findings identified through scheduled audits, notifications from enterprise operations, and customer requests.
* Performs root cause analysis of incident tickets, documents findings in tickets, escalates incidents as required, and performs all tasks to ensure tickets are closed in a timely manner with accurate information and proper resolution.
* Performs daily health checks of security applications to ensure optimal functionality.
* Performs audits of access control systems to ensure that security controls are effective and policies are met.
* Performs general system administration of security applications.
* Develops solutions to technical problems of limited scope. Applies practices and procedures in analyzing situations or data from which answers can be obtained. May make recommendations for improving processes.
* Contributes to completion of technical tasks. Failure to achieve results can normally be overcome without serious effect on schedules and programs.
* Work is performed under general supervision. Work requires independently determining course of action but is reviewed for adequacy and accuracy.
* Contacts are primarily with immediate work team and management. Occasional interaction with other sections or groups.
* Other duties as assigned.
Is this job the next step in your career? Are you ready to take the leap and help ensure Americans and their goods are free to move about the country?
* Mon-Fri with core hours of 9AM to 3PM
To qualify, you must meet these basic qualifications:
* DoD SECRET Clearance
* 3+ years of installation of the Splunk Enterprise 6.6.2 application on Microsoft Windows Server platform and a flavor of Unix (Red Hat Linux, CentOS, etc.).
* 3+ years of installation and configuration of Splunk Universal Forwarders on endpoints to include the roll up of logs to central Splunk server.
* 3+ years of experience with general systems administration in a Unix environment
* 3+ years of experience with general systems administration in a Windows Server environment
* 7 to 9 years of experience in network, host, data and/or application security in multiple operating system environments
* Familiarity with multiple operating systems to include the following: Windows Server, various Unix flavors to include (Red Hat Linux, CentOS).
* Familiarity with the searching and reporting capabilities provided by the Splunk application.
* Familiarity with the creation and management of Splunk knowledge objects for an organization.
* Specific experience with the creation of lookups and dashboards that are used to extract information out of a Splunk data source that contains multiple inputs.
* Bachelor's degree or equivalent combination of education and experience
* Bachelor's degree in computer science or related field preferred
* Experience working with internet, web, application and network security techniques
* Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
* 3+ years managing a large distributed Splunk environment
* Experience working in a fast-paced large environment with many moving pieces
* Strong analytical and troubleshooting skills
* Self Starter - Ability to work without supervision
* Excellent communication skills.
* Strong analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
* Ability to perform and interpret vulnerability assessments
* Ability to administer the operations of a security infrastructure
* Ability to balance and prioritize work
Telecommuting Not Allowed
USA VA Arlington - 1200 S Hayes St (VAS033)
CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.