CSOC - Tier 2 Analyst (NIGHT SHIFT - ONSITE)

Depends on Experience

Contract: W2, 7 Month(s)

  • No Travel Required

Skills

Night, IT, Security, Support, Network, TCP, IDS/IPS

Job Description

Please note that this is a 7-month contract position.

Night Shift - Onsite at Falls Church, VA
Days off: Monday-Tuesday
Hours: 2:00 pm-11:00 pm

Requirements:
• Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
• Preferred 3+ years IT security experience
• Preferred 2+ years’ experience in network traffic analysis
• Strong working knowledge of:
  • TCP/IP Fundamentals
  • Network Level Exploits
• Excellent oral and written communication skills
• Excellent interpersonal and organizational skills
• Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
• Strong understanding of common IDS/IPS architectures and implementations
• Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection

Desired Skills:
• Splunk experience, developing queries
• Cloud monitoring experience is a plus
• Excellent writing skills

EXPERIENCE LEVEL:
• 3-5 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).

EDUCATION:
Bachelor's Degree in Computer Science, Information Technology, Information Security or a technically related field preferred, OR equivalent related work experience

CERTIFICATIONS: (One or more desired)
CompTIA Security+
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)
CISA - Certified Information Systems Auditor

Key Responsibilities:
• Identify cybersecurity problems which may require mitigating controls
• Analyze network traffic to identify exploit or intrusion related attempts
• Recommend detection mechanisms for exploit and/or intrusion related attempts
• Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
• Escalate items which require further investigation to other members of the Threat Management team
• Execute operational processes in support of response efforts to identified security incidents

Job responsibilities will include:
• Participates in a team of security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible party, determine remediation, and recommend security improvements
• Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
• Follows strict guidance on reporting requirements
• Keeps management informed with precise, unvarnished information about security posture and events
• Promotes standards-based workflow both internally and in coordinating with US-CERT
• Engages with other internal and external parties to get and share information to improve processes and security posture
• Guides team efforts
• Communicates to CISO leadership
• Leads analysis and investigation of reports or anomalies

Applicants must provide their phone number. Reference job number A3226.