OnPoint is a vibrant, energetic, and growing ISO-certified technology and management consulting partner that provides critical thinking, strategic analysis, and thought leadership in a collaborative environment in an enduring effort to improve performance, lower costs, and achieve results for clients. We are guided by our principles: Clarity. Action. Results—for each client engagement we work to gain clarity, move into action, and achieve results. OnPoint specializes in delivering solutions in Information Assurance, Network Operations, Project Management and Systems Development.
OnPoint has an immediate opening for a SOC Real-Time Intrusion Analyst to join our project with the U.S. Department of Energy. This position is located in Las Vegas, NV, with occasional travel to other project and client locations.
Duties and Responsibilities:
Monitor, deter, identify, and investigate computer and network intrusions. Research trends and countermeasures in computer/network vulnerabilities, exploits, and malicious activity. Develop and maintain in-depth knowledge and hands-on experience with computer network security techniques and best practices. The technical focus is on the monitoring and analysis of large, distributed, and complex network and information systems. The candidate must be able to identify suspicious and malicious activity in a heterogeneous network environment and respond appropriately.
Duties and responsibilities include:
- Proficient written and verbal communication with customer representatives
- Research new and evolving threats and vulnerabilities with potential to impact the monitored environment
- Read and understand network packet capture files
- Monitoring and analysis of network and IDS information
- Log collection, analysis, correlation, and alerting
- Identification of suspicious/malicious activities
- Identification and tracking of malicious code
- Reporting malicious activity to client locations with recommendations for remediation
- Review and management of incident resolutions
- Other duties as assigned
- Travel up to 10%
- Bachelor's Degree in Computer Science, Information Systems, Information Security or related technical discipline AND 2 years IT experience OR 4 years professional IT experience.
- Must possess an active Q or TS clearance or be able to obtain a Q clearance; this is a requirement of employment
- US Citizenship required
- Must be willing to work various shifts in a 24x7 environment
- Strong knowledge of networking
- Strong knowledge of common network protocol behavior
- Strong knowledge of information security principles
- Excellent verbal and written communications skills
- Excellent customer service skills
- One or more years previous experience in network intrusion analysis is highly desired
- Experience with network and host-based IDS/IPS
- Experience with SIM/SIEM technologies
- The following information security training is highly desired: SANS GSEC, SANS GCIA, SANS GCIH, CEH, OSCP.
Other: The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, skills, or working conditions. OnPoint Consulting is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status. Candidates for positions with OnPoint Consulting must be authorized to work in the United States without benefit of visa sponsorship. Candidates for this position will undergo a government background investigation and must meet the requirements for access to sensitive government information.