Connecting Employers With Military Veterans!

Posted by: Solutions By Design on Sep 20, 2019


Location:

Arlington, VA

Job Description:

SBD is seeking a Senior Cyber Security Analyst to join our team in support of our DoD customer in Arlington, VA. The Senior Cyber Security Analyst will help to establish a Network Security Operations Center (NSOC). The Analyst will directly support the NSOC Team, working in collaboration with the Information Assurance (IA) / Cybersecurity / Computer Network Defense (CND) Team to perform security information and event management (SIEM) tasks and other network operations support tasks.

Responsibilities:

- Analyzes information security requirements, translates requirements into security designs, implements security designs, and tests effectiveness.
- Provides Threat Reconnaissance for ISSM and Operations using all available tools and information.
- Possesses and employs working knowledge of standard information security products including Security Information Event Management Tools, Access Control Lists, intrusion detection systems (IDS), Endpoint Security, vulnerability testing and security analysis tools.
- Demonstrates competence in all phases of security requirements analysis and information security system design as well as available products and management practices.
- Understands U.S. Government security policy including DoD and appropriate civil agencies such as NIST, as well as commercial best practices.
- Conducts system integration of the McAfee product suite, identifies system vulnerabilities, and designs or deploys solutions that support a high availability system.
- Operates, understands, and provides Cyber Analyst reports from the McAfee Suite of SIEM products, including Enterprise Security Management (ESM), Database Event Monitor (DEM), Advanced Correlation Engine (ACE), Application Data Monitor (ADM), Enterprise Log Manager (ELM), ePolicy Orchestrator (ePO), SIEM Receivers, Solid Core, and other Cyber Security Products such as Tenable/ACAS - Nessus scanner, and ForeScout CounterACT.
- Provides advanced analytical support, and coordination with solution providers and vendors to support additional problem management activities as required related to SIEM products.
- Investigates and initiates Incident Response and Incident Handling procedures for SIEM events.
- Generates, monitors, and tracks incidents generated by the SIEM suite through resolution.
- Maintains Incident Response Plan and Incident Handling Procedures related to the NSOC and SIEM events.
- Assists IA by validating that enclave and subsystems are providing proper logging, log retention, and accurate audit trails per NIST requirements.
- Provides a continual assessment of network device configuration and compliance, ensuring rogue devices are located and removed from the system as soon as possible.
- Reviews and provides guidance on the proper implementation of DISA Security Technical Implementation Guide (STIG) requirements to the Operations team.
- Serves as Cyber Security technical liaison between Government leads, Network Security Operations, Operations team, and IA team concerning implementation of newer technologies to infrastructure.
- Implements and upgrades security measures and controls.
- Leads development of SIEM dashboards for technical teams and leadership.
- Trains fellow employees in security awareness and procedures.
- Coordinates security plans with outside defensive cyber operations (DCO) teams.
- Conducts Cyber Hunting Exercises.
- Develops Test Environment for tool evaluation.
- Provides Malware/Forensics (Policy and Procedure Development, Evidence Assessment, Acquisition, Examination, & Documenting and Reporting).
- Assesses Threat Detection Capability.
- Recommends and sets the SIEM to ingest Tactical, Strategic and Operational Threat Intelligence feeds.
- Monitors and verifies that Intelligence feeds are working properly in the SIEM.

Required Qualifications:

- Bachelor's degree. 10+ years of experience related to Cyber Analysis and Security. An additional 4 years of experience may be added in lieu of a Bachelor's degree.
- Experience and familiarity with McAfee Suite of SIEM products, Remedy ticketing system, and ITSM Framework.
- DoD 8570 IAT Level II Certified (CCNA-Security, CompTIA Security+CE, GICSP, GSEC, or SSCP) AND Operating System (OS)/Computing Environment (CE) certification.
- Active Secret Clearance or Interim Secret Clearance (Must be a US Citizen).

Solutions By Design II, LLC (SBD) is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at SBD will be based on merit, qualifications, and abilities. SBD does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, IWDs, Veteran Status or any other characteristic protected by law (referred to as "protected status").

Pay Rate:

Unspecified

HR. Website URL:

http://sbd2.catsone.com/careers


About Solutions By Design II, LLC

SBD specializes in IT system modernization and support as an application transformation and agile process leader. We leverage open source technologies and cloud-based solutions to reduce operating costs and advance the value proposition of automated solutions. We also have a robust cybersecurity capability optimizing security operation centers through the use of workflow automation, technical expertise, and the use of leading edge security tools. Bottom line, we deliver technically innovative, reliable, and cost-effective solutions, services, and products to our federal customers.
