Jul 25
Public Trust
$125,000 - $150,000
IT - Security
Washington, DC (On-Site/Office)
Intrusion Detection Team Shift Lead
2nd shift - 3pm - 11:30pm
Washington, DC - onsite
Responsibilities:
• Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client
• Provides timely and actionable sanitized intelligence to cyber incident response professionals
• Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture
• Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks
• Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership
Qualifications:
• Bachelor's with 8+ years of cyber security experience (or commensurate experience)
• 7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data, including wide area network, host and network IPS/IDS/HIPS traffic event review, web server log analysis, and raw data logs
• Working experience with Splunk SIEM. Contractor will have at least two years as a cyber security or security operations shift team leader
• At least five years' experience working at a senior level performing analytic examination of logs and console events, with working experience in the following areas: creating advanced query methods in Splunk or advanced grep skills, firewall ACL review, examining Snort-based IDS events, PCAPs, web server log review, and working in a SIEM environment