STG, an affiliated company of SOS International LLC (SOSi), is seeking a Network Security Specialist to support the Department of Homeland Security in Fairfax, VA. The selected candidate will perform technical analysis of network activity, monitoring and evaluating network flow data, signature-based IDS events, and full packet capture (PCAP) data. Responsibilities include triaging IDS alerts; collecting related data from various network analysis systems; reviewing available open- and closed-source information on related threats and vulnerabilities; preparing initial summary reports; monitoring and analyzing signature-based IDS alerts and the associated packet (PCAP) data; analyzing network flow data for anomalies and correlating reporting with enterprise-wide network activity; and documenting key event details and analytic findings in an incident management system. Lightweight programming/scripting skills to automate analytics are a plus.
The selected applicant will become part of the United States Computer Emergency Readiness Team (US-CERT), responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. US-CERT provides advanced network and digital media analysis expertise and defends against malicious activity targeting networks within the United States and abroad.
ESSENTIAL JOB DUTIES
Conduct technical analysis of network traffic to identify anomalies, which may represent potentially malicious activity, and document the analysis in prescribed formats
Monitor and understand emerging threats in open sources, defined as those technical vulnerabilities and exploits that could present a threat to government networks; analyze tools and exploits; and document the analysis in prescribed formats
Monitor IDS/IPS alerts, analyze associated network traffic, and document the analysis in prescribed formats
Report detected incidents to agencies, work toward resolution, and escalate when required according to SOP
Develop IDS/IPS signatures based on indicators and analysis
Test IDS/IPS signatures to determine successful detection and the level of false positives
Deploy IDS/IPS signatures based on SOPs
Conduct technical analysis of data from partners, constituents, and monitoring systems to understand the nature of attacks, threats, and vulnerabilities
Assist with the development of mitigation strategies
Coordinate, communicate, and share information with CS&C and NCCIC components
Deploy to provide on-site support and assistance in the event of an exercise or cyber incident
Identify and document network-based tactics, techniques, and procedures used by an attacker to gain unauthorized system access
Participate in inter-agency-sponsored community-of-interest analysis groups and in technical briefings and exchanges
Assist with developing and maintaining Standard Operating Procedures
Support the collection and reporting of performance metrics
Security Clearance: An active Top Secret security clearance with SCI eligibility is required. In addition, the selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
Education: Bachelor's degree in a cybersecurity-related field
Certifications: Security+, GCIA, GCIH, GSE, or other related professional certifications
This position may be filled at multiple grades based on experience: a minimum of 2 years of related technical experience for a level 2 role, 5 years for a level 3 role, 9 years for a level 4 role, or 15 years for a level 5 role.
Advanced skills in developing IDS signatures and ability to conceptualize IDS signatures from otherwise disparate information
Highly proficient in working with SNORT IDS software
In-depth understanding of Security Operations Center (SOC)/Network Operations Center (NOC) operations
Previous experience managing a SOC/NOC environment highly preferred
Current DHS Suitability at the SCI level.
Experience working within the Federal government technology community
Knowledge of cyber policy and issues, the global cyber community, the roles of major organizations and how they interrelate and interact, and the shortcomings in this structure