IT Job Pro


Network Security Specialist

Fairfax, Virginia SOS International LLC (SOSi)

Company Overview

For 29 years, clients in the private and public sectors have relied upon SOS International LLC (SOSi) for critical operations in the world’s most challenging environments. SOSi is privately held, was founded by its current ownership in 1989, maintains corporate headquarters in Reston, VA, and specializes in providing logistics, construction, training, intelligence, and information technology solutions to the defense, diplomatic, intelligence and law enforcement communities.

All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.

5-******-7823: Network Security Specialist

Location: U.S. – Virginia – Fairfax

Open Date: 9/18/2018

JOB DESCRIPTION

STG, an affiliated company of SOS International LLC (SOSi), is seeking a Network Security Specialist to support the Department of Homeland Security in Fairfax, VA. The selected candidate will perform technical analysis of network activity; the analyst monitors and evaluates network flow data, signature-based IDS events and full packet capture (PCAP) data. Triage IDS alerts; collect related data from various network analysis systems, review available open and closed source information on related threats & vulnerabilities, prepare initial summary reports. Monitor and analyze signature-based IDS alerts and associated packet (PCAP) data. Analyze network flow data for anomalies and to correlate reporting with enterprise-wide network activity. Lightweight programming/scripting skills to automate analytics are a plus. Document key event details and analytic findings in an incident management system.

The selected applicant will become part of the United States Computer Emergency Readiness Team (US-CERT), responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. US-CERT provides advanced network and digital media analysis expertise and defends against malicious activity targeting networks within the United States and abroad.

ESSENTIAL JOB DUTIES

Conduct technical analysis of network traffic to identify anomalies, which may represent potentially malicious activity, and document the analysis in prescribed formats

Monitor and understand emerging threats on open source, defined as those technical vulnerabilities and exploits that could present a threat to government networks, analyze tools and exploits, and document the analysis in prescribed formats

Monitor IDS/IPS alerts, analyze associated network traffic, and document the analysis in prescribed formats

Report detected incidents to agencies, work toward resolution, escalate when required according to SOP

Development of IDS/IPS signatures based on indicators and analysis

Testing of IDS/IPS signatures to determine successful detection and level of false positives

Deployment of IDS/IPS signatures based on SOPs

Conduct technical analysis of data from partners, constituents, and monitoring systems to understand the nature of attacks, threats, and vulnerabilities

Assist with the development of mitigation strategies

Coordinate, communicate, and share information with CS&C and NCCIC components

Deploy to provide on-site support and assistance in the event of an exercise or cyber incident

Identify and document network-based tactics, techniques, and procedures used by an attacker to gain unauthorized system access

Participate in inter-agency sponsored community of interest analysis groups, and technical briefings and exchanges.

Assist with developing and maintaining Standard Operating Procedures

Support the collection and reporting of performance metrics

MINIMUM REQUIREMENTS

Security Clearance: Active Top Secret Security Clearance with SCI eligibility is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.

Education: Bachelor's degree in a cybersecurity-related field

Certifications: Security+, GCIA, GCIH, GSE, or other related professional certifications

This position may be filled at multiple grades based on experience: Minimum of 2 years related technical experience for a level 2 role, minimum of 5 years related technical experience for a level 3 role, minimum of 9 years related technical experience for a level 4 role, or minimum of 15 years related technical experience for a level 5 role.

Advanced skills in developing IDS signatures and ability to conceptualize IDS signatures from otherwise disparate information

Highly proficient in working with SNORT IDS software

In-depth understanding of Security Operations Center (SOC)/ Network Operations Center (NOC) operations

ADDITIONAL INFORMATION

PREFERRED QUALIFICATIONS

CISSP

Previous experience managing a SOC/NOC environment highly preferred

Current DHS Suitability at the SCI level.

Experience working within the Federal government technology community

Knowledge of cyber policy and issues, the global cyber community, the roles of major organizations, how they interrelate and interact, and shortcomings in this structure.

To apply for this job please visit itjobpro.com.