Information Security Analyst

Location: Germantown, MD
Posted: Mar 14, 2017
Closes: Apr 04, 2017
Industry: Security
Hours: Full Time

GDIT is seeking a Cyber Security Analyst (Tier 2) to support a Federal client's Enterprise Security Operations Center. The analyst will conduct activities in the areas of incident response, monitoring and detection, and cyber intelligence analysis. The analyst is required to work the 6:00 am to 6:00 pm shift.

 

The analyst must be a US citizen with the ability to obtain a DOE Q clearance. 

 

The candidate must have experience working with various security methodologies and processes, including expert knowledge of TCP/IP protocols and of configuring and implementing various SOC security solutions. The candidate must also have advanced knowledge of security analysis and trending of network log data from various security appliances and tools.

 

 Responsibilities include:

 

Conducting Network Security Monitoring activities, including working with the advanced security team on resolution of cyber malware

Perform day-to-day system analyst activities for enterprise cyber security solutions 

Provide incident response as part of the 24x7 Security Operations Center 

Have the ability to work shift work, with flexibility to cover both day and night time shifts, if required.

Education: Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

 

Preferred Skills:

 

2 years of Cyber Security Incident Response Team IT Operations experience

Administrator level knowledge of OS basics

Experience with log analysis, event correlation and incident management procedures and systems

MCSE, RHCE, GCIH, CEH or CISSP certifications are preferred

Prior experience using common scripting languages (Visual Basic, PowerShell, BASH, Perl, Python, Regex) to parse logs and automate repeatable procedures

 

 

Qualifications:

Advanced knowledge of networking tools, protocols and services.

Strong understanding of Threat / Risk analysis. 

Must possess or be able to obtain and maintain a DOE Q clearance 

At least 1 year of experience in Cyber Incident Monitoring or education equivalent

Ability to read and understand Log and Netflow data 

Ability to accurately summarize technical data (verbal and written) and conduct high-level presentations for senior management

Moderate understanding of operating systems (Windows / Linux)

Ability to read and analyze PCAP data. 

Strong oral and written communication skills  

Advanced knowledge of network security monitoring tools:

IDS / IPS tools: Snort 

Packet capturing tools: Solera / Wireshark

McAfee Enterprise Security Manager 

HBGary 

BRO