Req ID 26388BR
Title Senior Security / Monitoring Analyst
Location AM-USA-VA Manassas VA
Job Duties and Responsibilities
* Provides special purpose consultation and support on technical matters;
* Performs ongoing monitoring and threat analysis;
* Analyzes logs/traffic;
* Identifies potential IT security incidents and escalates information to appropriate staff;
* Trains users and promotes security awareness to ensure system security and to improve server and network efficiency;
* Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs;
* Confers with users to discuss issues such as computer data access needs, security violations, and programming changes;
* Monitors current reports of computer viruses to determine when to update virus protection systems; and
Documents computer security and emergency measures policies, procedures, and tests.
Physical Requirements Hearing
Speaking
Talking
Skills Ability to handle stress and work well under pressure
Analytical and Critical Thinking Skills
Leadership Skills
Listening Skills
Multi-Tasking Ability
Organizational Skills
Team-Building Skills
Qualifications
* At least five (5) years of related experience and/or training in the field of IT security monitoring and analysis
* Previous experience in and a proven method for performing 1st level analysis and interpretation of information from SOC systems
* Previous experience in and proven methods for incident identification/analysis, escalation procedures, and reduction of false-positives
* Based on task(s) assigned, state-of-the-art expertise on the hardware, software, and systems in use by the IT Security Branch and in the SOCs, such as ArcSight SIM, nCircle vulnerability assessment system, Cisco PIX firewall, TopLayer IDS balancer, Symantec Security Information Management System (SESA and SSIM), Symantec Client Security, NetIQ, Cisco VMS, and Cisco and Snort IDS/IPS sensors
* Customer service skills training
* Bachelors degree is a plus, or equivalent combination of education and experience
* Relevant professional certifications are a plus (desirable, not mandatory), such as:
- GIAC Certified Professional, Information Security Professional (GISP)
- GIAC Certified Intrusion Analyst (GCIA)
- ArcSight Certified Integrator/Administrator (ACIA)
Degrees Bachelors Degree
Equivalent Experience/Education
Majors Computer Science
Information Systems
Network Technology
None
Years of Experience 11-13 years w/High School Diploma
05-07 years w/Bachelors Degree
02-04 years w/Masters Degree
Position Type FT
Shift 1 - Day
Major Job Function Provides computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Conducts vulnerability assessments/penetration tests of information systems. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption. Assists in deterring, identifying, monitoring, investigating and analyzing computer network intrusions. Requires Bachelors degree or equivalent and two to four years of related experience with a minimum of six months experience in one or more of the following: computer network penetration testing and techniques; computer evidence seizure, computer forensic analysis, and data recovery; computer intrusion analysis and incident response, intrusion detection; computer network surveillance/monitoring; network protocols, network devices, multiple operating systems, and secure architectures. Ability to obtain a security clearance.