Job Details

ID #2232735
State Tennessee
City Oakridge
Full-time
Salary USD TBD TBD
Source Volt Workforce Solutions
Showed 2019-05-06
Date 2019-05-07
Deadline 2019-07-06
Category Et cetera

Tier 2 InfoSec Analyst

Tennessee, Oakridge 00000 Oakridge USA

Vacancy expired!

Tier 2 InfoSec Analyst in Oak Ridge, TN at Volt

Date Posted: 5/6/2019

Job Snapshot

Employee Type: Contingent

Location: Oak Ridge, TN

Job Type: Computer Industry

Duration: 24 weeks

Date Posted: 5/6/2019

Job ID: 176559

Contact Name Volt Branch

Phone 919-782-7440

Job Description

Hours: 3rd Shift 10:00PM to 8:00AM (4/10 Schedule)

Description: The Cyber Security Analyst is responsible for shift lead duties related to the real-time 24/7 monitoring, analysis, and resolution of identified security events. Will support daily security operations center activities utilizing a SIEM and monitor events from multiple sources including but not limited to firewall logs, system logs (Unix and Windows), network and host based intrusion detection systems, applications, databases, and other security information monitoring tools.

Job Duties:

Threat Intel:

Perform threat and vulnerability assessment.

Identify intrusion activity.

Leverage threat intelligence e.g. DSIE, NCFTA.

Assess the impact of potentially malicious traffic on company network and infrastructure.

Perform in-depth analysis of environmental anomalies.

Perform live incident response by identifying and remediating malicious activity.

Collaborate with other Information Security and IT team members.

Develop appropriate metrics (key risk and performance indicators) to measure the monitoring program and related process.

Monitor basic IDS/IPS rules to identify and/or prevent malicious activity.

Conduct research of emerging security threats.

Propose additional components and techniques that could be used to proactively detect and prevent malicious activity.

Splunk

Develop and test new correlation content and use cases using SplunkES filters, rules, data monitors, active lists, and session lists

Provide second-level Real-time monitoring of security notable events

Provide second-level Analysis and research of security notable events

Develop resolution process of identified security incidents

Investigate and approve/deny IP block requests

Identify false positives from alerting

Perform daily operations utilizing SIEM and monitor events from multiple sources

Review event findings submitted by Cyber Security Center Support

Assign event analysis and research to Cyber Security Center Support as needed

Mentor Cyber Security Center Support

Archer

Make decisions regarding escalation

Create incident ticket as needed

Communicate and escalate issues and incidents as required by process or management

Maintain status and update event tickets as needed

Vulnerability Scanning

Monitor and respond to vulnerability scanning requests per process

Build and run vulnerability scans

Monitor vulnerability scans

Address any vulnerability scan issues

Review scan reports and follow-up with system stakeholders

General

Responsible for meeting all SLA requirements during shift

Performing documentation review and improvement

Attending meetings as needed

Document all incident tickets in the appropriate systems

Complete and post shift log at end of each shift

Participate in knowledge sharing with other analysts

Present with confidence, findings of an investigation

Additional responsibilities will include the ability to perform shift lead duties and train, mentor, and provide oversight to Cyber Security Center Support

Cover shift rotation, including weekends and holidays of a 24/7 operation

Qualifications

To be considered for this role it is preferred the candidate have 5-7 years of Security Operations hands-on experience with network technologies, specifically TCP/IP, and related network security tools.

Must have:

Four year degree in related field

Minimum two years' experience with SIEM

A strong understanding of TCP/IP and networking concepts

Understanding of source code, hex, binary, regular expression, etc.

Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, authentication, network flow, IDS, system logs, etc.)

Knowledgeable in attacker capabilities, intentions, and motives; be able to apply this along with knowledge of network fundamentals and open source technologies in order to devise key intelligence topics, indicators, and warnings

A strong understanding of incident response methodologies

Use of IDS, IPS, and/or other signature matching technology

Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management

Subject matter expert in one or multiple areas such as firewalls, intrusion detection analysis, incident response, etc.

Strong deductive reasoning, critical thinking, problem solving, and prioritization skills

Experience assisting the development and maintenance of tools, procedures, and documentation

Customer service experience, including the resolution of customer escalations, incident handling, and response

Experience in a fast paced, high stress, support environment

Ability to follow detailed process and procedure documentation

Ability to present complex solutions and methods to general community

Demonstrated ability to be reliable and flexible

Excellent written and verbal communication and organizational skills

Outstanding work ethic

Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources

Nice to have:

Two or more of the following (or equivalent):

CERT CSIH (CERT-Certified Computer Security Incident Handler)

SANS GCIH (GIAC Certified Incident Handler)

OSCP (Offensive Security Certified Professional)

ECIH (EC-Council Certified Incident Handler)

CISSP certification

CompTIA Security+

Be able to obtain or have an active DoD security clearance (Secret)

This is a contingent/temporary position offered through Volt Workforce Solutions. Volt offers competitive compensation, the chance to work with some of the world’s leading companies, and a staff committed to helping you take the next step on your career path.

To learn more about Volt, please visit http://www.volt.com/ and to see more of our job postings, please visit http://jobs.volt.com/

Volt is an Equal Opportunity Employer.

In order to promote this harmony in the workplace and to obey the laws related to employment, Volt maintains a strong commitment to equal employment opportunity without unlawful regard to race, color, national origin, citizenship status, ancestry, religion (including religious dress and grooming practices), creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), sexual orientation, gender identity, gender expression, marital or parental status, age, mental or physical disability, medical condition, genetic information, military or veteran status or any other category protected by applicable law.
