Location work will be performed: NCO024 - Morrisville
Job Description: Cyber Security Analyst III (Remote support will be considered, candidates local to Raleigh NC will be given preference)
Respond to Cyber Security Incidents, provide cyber threat analysis and reporting to support SOC and Program’s situational awareness.
Will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and will provide proactive threat research.
Most critical requirement:
Must demonstrate a solid understanding of cyber security analysis, incident response, and incident handling, and have proven experience on an incident response team. Experience with Splunk, SentinelOne, Armis, SNA preferred.
Duties:
Responsible for developing procedures and policies for initial stand up of a security operations center (SOC) and ongoing management of the SOC.
Support Tier 2 operations by monitoring alerts during critical and high-volume events.
Conduct more in-depth analyses of security incidents to identify incidents of compromise.
Perform intrusion scope and root cause analyses and assist with intrusion remediation, strategy development, and implementation. Recommend effective process changes to enhance defense and response procedures.
EXPERIENCE LEVEL:
5-7 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
EDUCATION:
Bachelor’s Degree in Computer Science, Information Technology or Information Security
CERTIFICATIONS: (One or more required)
CompTIA Security+
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)
CISA - Certified Information Systems Auditor
Additional Provisions:
Pass a client-mandated clearance process, to include drug screening, criminal history check and credit check.
Once candidate’s resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
All candidates must be a US Citizen or permanent status Green Card holder.
Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
All overtime must be pre-approved in writing by the client manager or his/her designated representative.
Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.