Yesterday
Secret
Mid Level Career (5+ yrs experience)
No Traveling
IT - Security
Merrifield, VA (On-Site/Office)
Overview:
Personnel assigned to this role will serve primarily on the Operations & Response (O&R) Team; however, this role may also support the Vulnerability Assessment and Penetration Test (VAPT) and Engineering teams. This role is also responsible for coordinating with both the Cybersecurity Services Section and other sections or divisions within the organization.
Job Duties:
-Perform network security monitoring and incident response for a large organization
-Coordinate with other government agencies to record and report incidents
-Maintain records of security monitoring and incident response activities, utilizing case management and ticketing technologies
-Monitor Security Information and Event Management (SIEM) to identify security issues for remediation
-Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
-Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
-Assist with implementation of counter-measures or mitigating controls
-Support efforts to consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks
-Support Team Lead on developing recommendations for changes to Standard Operating Procedures and other similar documentation
-Monitor and reviews logs from existing security tools and creates new security tool signatures to ensure maximum performance and availability
-Perform all aspects of intrusion detection, log and audit management, network and database vulnerability assessment and compliance management, and security configuration
-Install, configure, troubleshoot, and maintain server configurations (hardware and software) to ensure their confidentiality, integrity, and availability
-Manage accounts, security devices, and patches; responsible for access control/passwords/account creation and administration
-Analyze collected information to identify vulnerabilities and potential for exploitation
-Provide support in the identification, documentation, and development of computer and network security countermeasures
-Identify network and operating systems vulnerabilities and recommends countermeasures
-Support the deployment and integration of security tools as needed
Prepare written reports, and provide verbal information security briefings
-Investigate, monitor, analyze, and report on information security incidents
-Respond to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats.
-Use mitigation, preparedness, and response and recovery approaches, as needed to maximize information security.
-Provide incident handling support for incident detection, analysis, coordination, and response
-Monitor network to actively remediate unauthorized activities
-Monitor intrusion detection sensors and log collection hardware and software to ensure systems are collecting relevant data
-Monitor all security systems to ensure maximum performance and availability
-Analyze computer security threat information from multiple sources, disciplines, and agencies across
Basic Qualifications:
-5 years support federal IT contracts in a technical/IT capacity
-3 years of experience in information system security, computer forensics, or insider threat, to include:
-3 years of experience performing requirements analysis, program development activities, architecting, engineering, integrating, developing and/or deploying information technology products (hardware and software) in an enterprise environment.
-3 years of experience in vulnerability assessment, analysis, and mitigation; analyzing security system logs, security tools, and data; network monitoring, and intrusion detection using host-based and network-based intrusion detection systems (IDS) and log management applications; testing, installing, patching, and upgrading computer hardware and operating systems (Windows, and UNIX) in an enterprise environment; identifying, collecting, processing, documenting, reporting, cyber security/incident response events; architecting, engineering, developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications.
-3 years of experience using one or more of the following security tools: SourceFire, Arcsight, Splunk, NetWitness, Guidance Software, Digital Guardian, SureView, Intelliview, Nessus, and Foundstone.
-3 years of penetration testing experience for networks, web applications, and enterprise systems.
-2 years of experience with Federal cybersecurity standards, industry best practices and guidelines.
-Bachelor’s degree in computer science, information systems analysis, science/technology, information management, computer engineering, or electrical/electronic engineering or equivalent combination of education and work experience
-Active Secret security clearance required with ability to obtain a TS clearance
Personnel assigned to this role will serve primarily on the Operations & Response (O&R) Team; however, this role may also support the Vulnerability Assessment and Penetration Test (VAPT) and Engineering teams. This role is also responsible for coordinating with both the Cybersecurity Services Section and other sections or divisions within the organization.
Job Duties:
-Perform network security monitoring and incident response for a large organization
-Coordinate with other government agencies to record and report incidents
-Maintain records of security monitoring and incident response activities, utilizing case management and ticketing technologies
-Monitor Security Information and Event Management (SIEM) to identify security issues for remediation
-Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
-Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
-Assist with implementation of counter-measures or mitigating controls
-Support efforts to consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks
-Support Team Lead on developing recommendations for changes to Standard Operating Procedures and other similar documentation
-Monitor and reviews logs from existing security tools and creates new security tool signatures to ensure maximum performance and availability
-Perform all aspects of intrusion detection, log and audit management, network and database vulnerability assessment and compliance management, and security configuration
-Install, configure, troubleshoot, and maintain server configurations (hardware and software) to ensure their confidentiality, integrity, and availability
-Manage accounts, security devices, and patches; responsible for access control/passwords/account creation and administration
-Analyze collected information to identify vulnerabilities and potential for exploitation
-Provide support in the identification, documentation, and development of computer and network security countermeasures
-Identify network and operating systems vulnerabilities and recommends countermeasures
-Support the deployment and integration of security tools as needed
Prepare written reports, and provide verbal information security briefings
-Investigate, monitor, analyze, and report on information security incidents
-Respond to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats.
-Use mitigation, preparedness, and response and recovery approaches, as needed to maximize information security.
-Provide incident handling support for incident detection, analysis, coordination, and response
-Monitor network to actively remediate unauthorized activities
-Monitor intrusion detection sensors and log collection hardware and software to ensure systems are collecting relevant data
-Monitor all security systems to ensure maximum performance and availability
-Analyze computer security threat information from multiple sources, disciplines, and agencies across
Basic Qualifications:
-5 years support federal IT contracts in a technical/IT capacity
-3 years of experience in information system security, computer forensics, or insider threat, to include:
-3 years of experience performing requirements analysis, program development activities, architecting, engineering, integrating, developing and/or deploying information technology products (hardware and software) in an enterprise environment.
-3 years of experience in vulnerability assessment, analysis, and mitigation; analyzing security system logs, security tools, and data; network monitoring, and intrusion detection using host-based and network-based intrusion detection systems (IDS) and log management applications; testing, installing, patching, and upgrading computer hardware and operating systems (Windows, and UNIX) in an enterprise environment; identifying, collecting, processing, documenting, reporting, cyber security/incident response events; architecting, engineering, developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications.
-3 years of experience using one or more of the following security tools: SourceFire, Arcsight, Splunk, NetWitness, Guidance Software, Digital Guardian, SureView, Intelliview, Nessus, and Foundstone.
-3 years of penetration testing experience for networks, web applications, and enterprise systems.
-2 years of experience with Federal cybersecurity standards, industry best practices and guidelines.
-Bachelor’s degree in computer science, information systems analysis, science/technology, information management, computer engineering, or electrical/electronic engineering or equivalent combination of education and work experience
-Active Secret security clearance required with ability to obtain a TS clearance
group id: 90670496
