System One
Cyber Defense Analyst/Intrusion Detection Team Shift Lead (onsite)
System One, Washington, District of Columbia, US, 20022
Cyber Defense Analyst/Intrusion Detection Team Shift Lead – 2nd shift – 3pm - 11:30pm – Washington, DC – onsite – Must be able to obtain Public Trust clearance
Responsibilities
Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client
Provides timely and actionable sanitized intelligence to cyber incident response professionals
Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture
Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks
Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership
Qualifications
Bachelor's with 8+ years of cyber security experience (or commensurate experience)
7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data, including wide area network host and network IPS/IDS/HIPS traffic event review, server web log analysis, raw data logs
Working experience of Splunk SIEM. Contractor will have at least two years as a cyber security or security operations shift team leader
At least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas: creating advanced query methods in Splunk or advanced grep skills, firewall ACL review, examining Snort-based IDS events, PCAPs, web server log review, and working in a SIEM environment
Ref: #850-Rockville (ALTA IT)