Location: NCO024 - Morrisville – ON SITE – Local Candidates required
Job Description: CSOC Analyst (Tier 2) Day Shift - Onsite support
Key Responsibilities:
•Identification of Cybersecurity problems which may require mitigating controls
•Analyze network traffic to identify exploit or intrusion related attempts
•Recommend detection mechanisms for exploit and or intrusion related attempts
•Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
•Escalate items which require further investigation to other members of the Threat Management team
•Execute operational processes in support of response efforts to identified security incidents
Job responsibilities will include:
•Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
•Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
•Follows strict guidance on reporting requirements
•Keeps management informed with precise, unvarnished information about security posture and events
•Promotes standards-based workflow both internally and in coordinating with US-CERT
•Engages with other internal and external parties to get and share information to improve processes and security posture
•Guide team efforts
•Communicates to CISO leadership
•Leads analyzing/investigating reports or anomalies
Requirements:
•Preferred 3+ years IT security experience
•Preferred 2+ years’ experience in network traffic analysis
Strong working knowledge of:
•TCP/IP Fundamentals
•Network Level Exploits
•Excellent oral and written communication skills
•Excellent interpersonal and organizational skills
•Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
•Strong understanding of common IDS/IPS architectures and implementations
•Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
Desired Skills:
•Splunk experience, developing queries
•Cloud monitoring experience is a plus
•Excellent writing skills
Required Education:
•Two years of related work experience may be substituted for each degree-level education.
EXPERIENCE LEVEL:
•3-5 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
EDUCATION:
Bachelors Degree in Computer Science, Information Technology or Information Security preferred or a technically related field OR equivalent related work experience
• Must be able to obtain a Position of Public Trust Clearance • Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
• Once candidate’s resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
• If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
• All candidates must be a US Citizen, or have permanent residence status (Green Card).
• Candidate must have lived in the United States for the past 5 years.
• Cannot have more than 6 months travel outside the United States within the last five years.