Job Details

ID #23755797
State Illinois
City Scottafb
Job type Contract
Salary USD TBD TBD
Source Softworld, Inc.
Showed 2021-12-02
Date 2021-12-02
Deadline 2022-01-31
Category Et cetera

SOC Analyst- Scott AFB

Illinois, Scottafb, 62225 Scottafb USA

Vacancy expired!

Job Number: 236433

The Cyber Security Operations Analyst leads security event monitoring and correlation within a tiered Security Operations Center. The selected candidate should have proven experience and the ability to leverage computer network defense (CND) analyst toolsets to detect and respond to IT security incidents. The ability to implement standard procedures for incident response, interfacing with the Information Security Officer and IT staff, is required. This role conducts research and documents threats and their behavior, to include monitoring external CSIRTs/CERTs; provides recommendations on threat mitigation strategies; employs effective web, email, and telephonic communications to clearly manage security incident response procedures; and performs routine event reporting over time, including trend reporting and analysis. The role leads the team of intrusion detection analysts and manages the daily tasks and operations for the team.

Experience in security or network technology (Unix/Windows OS, Cisco/Juniper routing and switching) within a hands-on design/implementation/administration role is required. Experience with Splunk and/or SIEM technologies is a plus. The selected candidate should demonstrate in-depth knowledge of TCP/IP protocol implementations for all common network services, in addition to demonstrated capability to perform network packet analysis and anomaly detection. Professional certification within a CND discipline at Technical Level III, as defined by DODI 8570, is a requirement.

Responsibilities include, but are not limited to:

  • Execute intrusion detection monitoring and incident response and management processes and procedures IAW DoD policy and USTRANSCOM direction
  • Provide intrusion detection monitoring and incident management, to include installation, configuration, operation, and system administration of the GFE intrusion detection monitoring and incident management tool suite on-site 24x7 at Scott AFB
  • Provide on-site support at locations other than Scott AFB on an as-needed basis and as directed by the government
  • Use intrusion detection monitoring and incident management tool suite consisting of network and host-based sensors, log consolidation mechanisms, analysis platforms and other products that may be directed or procured
  • Manage 24/7 schedules for the team
  • Update and maintain all IDA program deliverable standard operating procedures quarterly
  • Identify unauthorized activity against USTRANSCOM information systems and networks on NIPRNet and SIPRNet and initiate appropriate incident response actions
  • Perform installation of intrusion detection monitoring and incident management tools IAW USTRANSCOM processes, including requesting/coordinating hardware/software procurement (including lifecycle upgrades); performing project management, e.g. government provided requirements management tool and schedules; building and configuring systems to be Security Technical Implementation Guide (STIG) compliant; performing functional testing; developing system authorization/accreditation supporting documentation, requesting security evaluations and remediation of findings; and performing operational deployment
  • Perform the day-to-day mission execution of the intrusion detection monitoring and incident management and response activity
  • Perform the day-to-day operation and maintenance of the intrusion detection monitoring and incident management tool suite
  • Document changes to intrusion detection monitoring and incident management tools (e.g., software installs, patching, software configuration changes, etc.) in accordance with Change Management policies and provide configuration management data on all of its managed systems according to the schedule and format directed by the Government
  • Desired skills include experience with cloud-based hosting environments
  • In-depth knowledge of Splunk is desired.
  • Collect and provide the Government with monthly metrics on intrusion detection monitoring and incident management activity
  • Maintain current documentation on intrusion detection monitoring and incident management processes and procedures and provide the following deliverable documents to the government IAW the assigned suspense dates

Qualifications

This position requires a Bachelor's degree with 3 years of experience or a total of 5 years of related experience. IAT Level II and Computer Network Defense Service Provider (CNDSP) certifications are required. The minimum of a Secret level DoD Security Clearance is required.

Essential Functions

Physical Requirements: Requires sitting for extended periods of time at a desk (90%). Requires sitting at a computer terminal for long periods of time (90%). There is a possibility that due to parking availability and location of work area walking moderate to long distances can sometimes be required.

Work Environment: Inside office/cubicle environment. Requires ability to interact professionally with co-workers and all levels of management (100%).

Equipment and Machines: Requires ability to operate a personal computer, a telephone, copier, and other general office equipment (100%). Ability to conduct evaluation of third and fourth generation or current state of the art computer hardware and software and its ability to support specific requirements, interfacing with other equipment and systems.

Attendance: Attendance is critical. Work hours vary to cover 24/7 operations. Shifts vary between 8 - 12 hours per day up to 40 hours a week. Being prompt is important to provide continuous and on-going service to customers. Attendance is important to maintain continuity of service. Work outside of normal duty hours may be required with as little as one-hour advance notice. Overtime is infrequent, but important when required (1%).

Other Essential Functions: Must be able to communicate effectively, both verbally and in writing. Must be able to interface with individuals at all levels of the organization. Must be able to obtain unescorted access to work areas. Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. An IAT Level III certification is required.

THIRD PARTY AGENCIES, SUBCONTRACTORS, AND RECRUITERS NEED NOT APPLY. Applicants received from firms will not be considered. Subcontracting is not available for this position.
