Network Security Specialist

Employer: AboutWeb
Location: Arlington, Virginia
Posted: May 10, 2019
Closes: Aug 30, 2019
Ref: 19-00100
Industry: Security
Hours: Full Time
AboutWeb, LLC is looking for a Network Security Specialist to support our Federal Client in the Northern Virginia area.

Responsibilities Include:
  • Perform technical analysis of network activity: monitor and evaluate network event data, signature-based IDS alerts, and full packet capture (PCAP) data
  • Triage IDS alerts: collect related data from the available network analysis systems, review open- and closed-source information on the related threats and vulnerabilities, and prepare initial summary reports
  • Analyze network flow data for anomalies and correlate reporting with enterprise-wide network activity
  • Document key event details and analytic findings in an incident management system
  • Provide oversight and assessment of incident response and triage actions across a large enterprise
  • Identify and extract network indicators from incident reporting and from published technical advisories and bulletins
  • Perform incident correlation and escalation
  • Recommend new IDS signatures and detection strategies
  • Produce final reports and review incident reports written by other analysts
  • Assess cyber indicators and observables and collaborate in the development of IDS signatures and other detection mechanisms
  • Provide technical assessments of cyber threats and vulnerabilities
  • Fuse open-source threat and vulnerability information with data collected from sensors across the enterprise
  • Develop, maintain, and update standard operating procedures
  • Provide routine status updates for ongoing projects, trouble tickets, incidents, and related tasks
  • Research and evaluate emerging capabilities
  • Ensure that all alerts are monitored, interpreted, analyzed, and investigated
  • Use external reporting tools for threat intelligence
  • Monitor all security-relevant logs and alerts for signs of compromise, attack, system misuse, and policy violations
  • Devise new ways to use existing tools and data sources, and identify and obtain new data sources, to detect intrusions

Requirements that candidates will be evaluated against:
  • Bachelor's degree
  • Active Top Secret security clearance, with eligibility for client SCI access and the ability to obtain and maintain a favorably adjudicated client background investigation (EOD) for continued employment
  • Experience planning and/or directing projects and operations in a 24x7 SOC
  • Experience producing metrics and reports from a SIEM
  • Demonstrated knowledge of industry standards and best practices in intrusion detection
  • Experience researching and fielding new and innovative technology
  • Experience managing IT systems

Preferred Qualifications or Skills:
  • DoD 8570 Level II certification (e.g. GIAC/SANS certifications, CISSP)
  • Experience leading and managing within SOC/NOC operations
  • Familiarity with the Cyber Kill Chain model as applied to incident response
  • Familiarity with malware analysis
  • Familiarity with forensics
  • Familiarity with incident response products and best practices
  • Experience with database administration (e.g. MS Access, SQL) and/or portal administration (e.g. SharePoint)
  • Customer service experience