Overview
Remote
Depends on Experience
Contract - W2
Contract - 1 Month(s)
Skills
IT Security Analyst (3+ yrs) with expertise in IDS/IPS
traffic analysis
and Microsoft 365/Azure/GCP environments. Strong TCP/IP
anomaly detection
and cloud security response. Splunk & threat monitoring a plus. Security certifications (Security+
CISSP
etc.) preferred.
Job Details
No C2C/H1B/EAD - Since this is a government contract.
Please note that this is a 1-month contract position.
Requirements:
• Preferred 3+ years IT security experience
• Preferred 2+ years’ experience in network traffic analysis
• Strong working knowledge of:
• TCP/IP Fundamentals
• Network Level Exploits
• Excellent oral and written communication skills
• Excellent interpersonal and organizational skills
• Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
• Strong understanding of common IDS/IPS architectures and implementations
• Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
• Azure and Google Cloud Platform O365/Microsoft 365 experience required
• Preferred 3+ years IT security experience
• Preferred 2+ years’ experience in network traffic analysis
• Strong working knowledge of:
• TCP/IP Fundamentals
• Network Level Exploits
• Excellent oral and written communication skills
• Excellent interpersonal and organizational skills
• Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
• Strong understanding of common IDS/IPS architectures and implementations
• Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
• Azure and Google Cloud Platform O365/Microsoft 365 experience required
Desired Skills:
• Splunk experience, developing queries
• Cloud monitoring experience
• Cloud monitoring experience
• Excellent writing skills
Required Education:
• Bachelor's OR Master's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.
Certifications (one or more desired):
• Comp TIA Security+, CISSP, CISA, CISM, GIAC, RHCE.
Key Responsibilities: Required Education:
• Bachelor's OR Master's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.
Certifications (one or more desired):
• Comp TIA Security+, CISSP, CISA, CISM, GIAC, RHCE.
• Identification of Cybersecurity problems which may require mitigating controls
• Analyze network traffic to identify exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and or intrusion related attempts
• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
• Escalate items which require further investigation to other members of the Threat Management team
• Execute operational processes in support of response efforts to identified security incidents
• Responsible for monitoring, reviewing, and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC). Duties include performing threat detection and analysis, investigating suspicious activity, coordinating incident response efforts, and implementing remediation actions. The role also involves tuning security policies, maintaining visibility into cloud and endpoint environments, and supporting continuous improvement of the organization’s security posture
Job responsibilities will include:
• Analyze network traffic to identify exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and or intrusion related attempts
• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
• Escalate items which require further investigation to other members of the Threat Management team
• Execute operational processes in support of response efforts to identified security incidents
• Responsible for monitoring, reviewing, and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC). Duties include performing threat detection and analysis, investigating suspicious activity, coordinating incident response efforts, and implementing remediation actions. The role also involves tuning security policies, maintaining visibility into cloud and endpoint environments, and supporting continuous improvement of the organization’s security posture
Job responsibilities will include:
• Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
• Follows strict guidance on reporting requirements
• Keeps management informed with precise, unvarnished information about security posture and events
• Promotes standards-based workflow both internally and in coordinating with CISA
• Engages with other internal and external parties to get and share information to improve processes and security posture
• Guide team efforts
• Communicates to CISO leadership
• Leads analyzing/investigating reports or anomalies
• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
• Follows strict guidance on reporting requirements
• Keeps management informed with precise, unvarnished information about security posture and events
• Promotes standards-based workflow both internally and in coordinating with CISA
• Engages with other internal and external parties to get and share information to improve processes and security posture
• Guide team efforts
• Communicates to CISO leadership
• Leads analyzing/investigating reports or anomalies
Applicants must provide their phone number. Reference job number A4777.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.