Senior Cyber Security Specialist

Employer
AboutWeb
Location
Washington D.C.
Posted
Apr 19, 2018
Closes
Jun 05, 2018
Function
IT, Security Engineer
Industry
Security
Hours
Full Time
Cyber Security Specialist, Senior (Threat Hunter/ 10 yrs experience)

AboutWeb is seeking an experienced, motivated Cyber Security Specialist, Senior (Threat Hunter) to support our VA customer. U.S. Citizenship is required for this role.

Must have experience with:
  • SIEM (prefer Splunk or ArcSight) experience in custom queries, searches, creating correlated alerts, and dashboard creation
  • Splunk or similar SIEM experience from the perspective of creating searches and understanding how to pivot in the data fields to follow an investigation.
  • An understanding of how to mine IOCs and what to do with them.
  • Understanding of what an APT and FO (Focused Operators) are and how they work
  • Event/Incident research specifically as it ties into APTs and FOs
  • Understanding of the APT Kill Chain
  • An understanding of Hacker/APT TTPs
  • An understanding and analysis of event logging from many different devices
  • TCP/IP
  • Packet Analysis
  • Understanding of malware and malware behavior
  • Independent/Team worker
  • Prefer self-motivated folks
  • A deep desire to win and persistent in sometimes frustrating circumstances
Responsibilities
Performs advanced analysis of adversary tradecraft, malicious code, and capabilities. Provides cyber threat and intelligence analysis, and develops briefings and reports to distribute and aid in information sharing and protection efforts. Develops and maintains subject matter expertise of Advanced Persistent Threats and assists with Incident Response efforts.

Serves as the expert which shall be responsible for providing expert cyber threat and intelligence technical support to all sites listed in the place of performance. The Advanced Cyber Threat Analyst II is required to provide expert technical support to monitor, correlate, identify, analyze, mitigate, manage, track and support processes for all security incidents. The Advanced Cyber Threat Analyst II shall have knowledge of, and experience in, the following:
1. Cyber Security Policy and advanced cyber security threat mitigation at the Expert level
2. Advanced Cyber security tools, network topologies, intrusion detection, PKI, and secured networks
3. Implementation of cyber security regulations
4. Tracking all activity, insuring timely resolution of problems
5. Coordinating the development of advanced security signature or access control mechanisms that can be implemented on security systems such as intrusion prevention - detection systems, firewalls, routers or endpoint in response to new or observed threats within the enterprise
6. Leading the identification of advanced security systems and controls to ensure the monitoring and configuring of security appliances
7. Ensuring that Analysts receive and analyze alerts from various enterprise level sensors and determine possible causes of such alerts
8. Performing advanced analysis of adversary tradecraft, malicious code, and capabilities
9. Creating and leading processes that support the analysis of log files from a variety of enterprise level systems and sensors to include individual host logs, network traffic logs, firewall logs, and intrusion detection/prevention system logs
10. Identifying anomalous activity and potential threats to enterprise resources
11. Monitoring external and internal data sources in order to maintain enterprise threat conditions
12. Leading the processes which support event correlation by using information gathered from a variety of system and sensor sources within the enterprise;
13. Managing the collection and advanced analysis of intrusion artifacts and using discovered data to enable mitigation potential of incidents within the enterprise.
14. Providing advanced network event analysis and intrusion analysis.
Qualifications
  • Bachelor's degree in Information Technology or Business
  • Minimum of six (6) years oof Information Technology experince, in addition to a minimum of four (4) years of advanced Cyber Threat Information experience
  • Must hold one of the following certifications:
    • Certified Ethical Hacker (CEH)
    • Certified Information Systems Auditor (CISA)
    • GIAC Systems and Network Auditor (GSNA)
    • GIAC Certified Incident Handler (GCIH)
    • Certified Computer Security Incident Handler (CSIH)
  • Excellent verbal communication skills
  • Outstanding written skills for preparing reports and briefings
  • Excellent analytical and problem solving skills
  • Ability to obtain a DoD Secret security clearance
  • U.S. Citizenship is required as is successfully passing a thorough Government background screening process requiring the completion of detailed forms and fingerprinting.
#AW

Similar jobs