Cyber Firewall Administrator - Colorado Springs, United States - Base2 Solutions

Description

Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity.

Job Description

Monitor day-to-day operations of the sensors (Suricata, Palo Alto, and ArcSight) located at supporting customer's locations.

Perform Enterprise Defense Countermeasure (DC) activities and coordination with other government agencies to record and prepare incident reports and analysis methodology and results.

Monitor and analyze signature alerts from Intrusion Detection/Prevention Systems (IDS/IPS) for false positives.
Provide technical enforcement of organizational security policies.
Provide "tune-or-drop" recommendations towards the DC team's Signature Lifecycle Review procedure.
Provide insight to Detection and Response teams on signature functionality and providing signature tuning as needed.
Communicate with customers and teammates clearly and concisely.
Maintain current knowledge of relevant technology as assigned.
Participate in special projects as required.
Position is day shift but may require evening, weekend or shift-work (depending on operational tempo).Required Skills

Experience authoring Snort signatures.
Experience authoring Yara rules.
Experience with Perl Compatible Regular Expressions (PCRE).Desired Skills

Experience in intrusion detection and prevention systems.
Proficient in network security technologies and protocols.
Dashboarding in Splunk.
Palo Alto Certification Next-Generation Firewall.
Characteristics

Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.

Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.

Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.

Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.

Researches and evaluates new concepts and processes to improve performance.
Analyzes cross-functional problem sets, identifies root causes and resolves issues.

Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.

May coach and provide guidance to less-experienced professionals.
May serve as a team or task lead.
Education and Experience

High School Diploma or GED 10 years of relevant experienceAssociates Degree 8 years of relevant experienceBachelors Degree 6 years of relevant experienceMasters Degree 4 years of relevant experiencePhD 2 years of relevant experienceNote: Relevant professional certifications will be considered equivalent to six (6) months of relevant experience

#J-18808-Ljbffr