Job Details

ID #41167412
State Maryland
City Annapolis
Full-time
Salary USD TBD TBD
Source ICF Consulting Group, Inc.
Showed 2022-05-19
Date 2022-05-19
Deadline 2022-07-18
Category Et cetera

Elastic Cybersecurity Analyst

Maryland, Annapolis, 21401 Annapolis USA

Vacancy expired!

Bring your Cyber Threat Hunting experience and take advantage of this opportunity to discover how you can start to push past possible and achieve your goals today. As a Cybersecurity Analyst you will be responsible for coordinating and contributing to the Elastic training program that informs, educates, and executes on the implementation of Elastic with our clients. This position will partner with the other training professionals, stakeholders and other teams to provide instruction on the Elastic platform. This assignment also includes curriculum and program development and delivery, participation in department meetings, collaboration across disciplines, providing student support resources, and participation in ongoing professional development.

Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate. This role is full-time remote with an option of 25-50% travel (when travel resumes). As an experienced SME, you will work closely with leaders and stakeholders to expertly translate training concepts in Elasticsearch, Logstash, and Kibana.

You will be asked to participate in a series of interviews demonstrating your knowledge, skills, and abilities about the Elastic platform. You will be asked to participate in a panel interview and provide a small instructional overview as part of the hiring process. Your candidacy will be contingent upon successfully completing the panel interview.

Candidates will benefit from our partner training incentive to pursue Elastic certifications as a part of their candidacy and can be reimbursed for certification costs as of successfully onboarding onto the program.

This is an opportunity to contribute to an important effort from its beginning, work with the latest and emerging technologies all while building a great career at ICF!

RESPONSIBILITIES

You’ll be a great fit if you:

Familiarity supporting federal Information Assurance Programs setting policy, governance, security operations programs, and NIST requirements.

Experience teaching in-person or remote advanced cybersecurity curriculum to federal and commercial clients.

Contributing to instructional delivery, time management skills and attention to detail

Strong presentation skills and ability to facilitate and gain consensus among stakeholders and clients with disparate views.

Hands-on technical experience in threat hunting and security operations center support.

Experience developing cybersecurity reports, dashboards, and scripts.

Experience using automation and scripting to deploy and monitor systems.

Research new and novel tactics, techniques, and procedures (TTP) to protect data and privacy.

Perform in-depth analysis and/or security testing of information systems, using a wide variety of tools and techniques.

Review operational results for accuracy, probability, and impact.

Ability to comprehend and explain complex concepts and initiatives to audiences that have various levels of understanding.

Training consists primarily of a 5-day security course:

Each module is a single day and delivered with the goal of teaching methodology and how to use Elastic/Kibana to threat hunt.

Module 1 Zeek

Module 2 Suricata

Module 3 Pcap/Stenographer

Module 4 Kibana

Module 5 Capstone/Threat hunting

BASIC QUALIFICATIONS

The following skills/experience/knowledge are required to be considered for this role:

Position is full-time remote with an option of 25-50% travel (if/when travel resumes)

5-10 years cyber threat hunting experience

Delivering complex cybersecurity instruction and network security concepts

Minimum of 5 years of advanced experience in network security or a network security certification.

In-depth experience with Elastic products and/or providing instructions

Advanced knowledge of cyber threats and tactics, techniques, and procedures (TTPs).

Experience in managing identity access management processes.

Experience configuring and supporting system scanning applications (DB Protect, Guardium, Tenable, etc.) to support a range of target systems (Linux, Unix, Windows, Mainframes, Oracle, SQL Server, etc.)

Experience using data analysis to drive system and configuration enhancement for scanning and security applications

Experience in day-to-day operation of an IT Security Group including incident forensics, risk analysis, threat assessment and mitigation activities.

May lead training teams and/or projects coordinating work activities, reporting on work status and providing input on team performance.

Manages host-based security software across multiple systems to protect data and system resources.

Experience in reviewing threats and counter-measures, monitors incidents and maintains general awareness of threats to IT resources.

Applies extensive technical expertise in principal discipline and broad knowledge in related security disciplines in revising or developing new methods and procedures.

Has demonstrated superior leadership ability to lead, inspire, and direct a team of engineers.

Experience in managing access management processes to grant and remove user access to IT systems.

Collect and analyze data, make recommendations to improve our approach and the results of future communications, events, and activities.

PREFERRED QUALIFICATIONS

Active High Level DOD clearance preferred but not required

Deep understanding of Elasticsearch and/or Lucene

Elastic Certified Analyst certification

Certified at IAT – Level 1 or above

Certification as a CCNP or CCIE in Security (bonus)

MS in Computer Science, Information Technology, Engineering, or Business discipline

Experience contributing to an open-source project or documentation

Experience in delivering instruction for enterprise search or databases

PROFESSIONAL SKILLS/EXPERIENCE

Provide leadership, management and coaching to a team of driven communicators.

The candidate must have client service experience and strong communication skills (both oral and written) and presentation skills

Has demonstrated superior leadership ability to lead, inspire, and direct a team of instructors and/or engineers.

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.

We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy (https://www.icf.com/legal/equal-employment-opportunity).

COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Read more about non-discrimination: EEO is the law (https://www.eeoc.gov/sites/default/files/migratedfiles/employers/posterscreenreaderoptimized.pdf) and Pay Transparency Statement (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transpEnglishunformattedESQA508c.pdf).

Virginia Remote Office (VA99)
