No more applications are being accepted for this job
- Experience implementing security methodologies and SOC processes
- Extensive knowledge about network ports and protocols (e.g
- Experienced with network topologies and network security devices (e.g
- Hands-on experience utilizing network security tools (e.g
- Experience training and mentoring junior analysts
- Expertise in developing custom SPL using macros, lookups, etc.
- Experience creating regex for pattern matching
- Extensive knowledge of common end user and web application attacks and countermeasures against attacks
- Experience creating SOPs and providing guidance to junior analyst
- Ability to analyze new attacks and provide guidance to watch floor analyst on detection and response
- Knowledgeable of the various Intel Frameworks (e.g
- TS/SCI clearance and DHS EOD is required Preferred Qualification
- Experience implementing security methodologies and SOC processes
- Experience developing custom workflows within Splunk to streamlines SOC processes
- Knowledgeable of APTs their capabilities and experience implementing appropriate countermeasures
- Experience in a scripting language (e.g
- Experience with performing cloud (e.g
Tier 3 Cyber Network Defense Analyst with Security Clearance - Franconia, VA, United States - Base One Technologies
Description
Our Franconia VA based client is looking for a Tier 3 Cyber Network Defense AnalystThis position requires an active TS/SCI clearance and DHS EOD
If you are qualified and interested in this opening, please forward a copy of your updated resume in word format to Must Have One of the Following J3 Certifications
SANS GIAC:
GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, or GCIH
EC Council:
CEH, CHFI, LPT, ECSA
ISC2:
CCFP, CCSP, CISSP CERT CSIH.
Offensive Security:
OSCP, OSCE, OSWP and OSEE Primary Responsibilities
Our Franconia VA based client is seeking a Tier 3 Cyber Network Defense Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff
Department of Homeland Security (DHS) Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise
The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC
Direction and coordination are achieved through a shared DHS incident tracking system and other means of coordination and communication.
The Tier 3 analyst will provide support during core business hours and will also participate in an on-call rotational schedule.
Duties include proactively searching for threatsInspect traffic for anomalies and new malware patterns
Investigate and analyze logs
Provide analysis and response to alerts when escalated from junior analysts, and document activity in SOC investigations and Security Event Notifications (SENs)
Develop custom content within the SIEM or other network security tools to detect threats and attacks against the department
Tier 3 analysts participate in briefings to provide expert guidance on new threats and will act as an escalation point for M&A analysts
The analyst may also be required to author reports and/or interface with customers for ad-hoc requests
In addition, the Tier 3 analyst may be asked to participate in discussions to make recommendations on improving SOC visibility or process
Basic Qualification
Candidates shall have a minimum of five (5) years of professional experience in security, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP), Encryption, Two-Factor Authentication, Web-filtering, and Advanced Threat Protection.