Vacancy expired!
- Monitor network traffic for unusual indicators
- Monitor Endpoint Detection Response system for unusual/non-compliant activity
- Monitor email traffic for network threats and PII incidents
- Web proxy changes as needed per user request
- Respond to user ticketing system
- System maintenance (patches/updates) of critical security stack appliances (mainly Linux)
- Support and monitor IDS, IPS, and associated monitoring software.
- Participate in security assessments.
- Respond to possible security incidents, identify false positives where applicable, open incident tickets, perform incident analysis, and close tickets upon completion.
- Coordinate with the Firewall team for IP and other network blocks based on incidents and findings.
- Provide packet capture analysis as needed using various tools such as the Wireshark network protocol analyzer.
- Generate monthly security trend analysis reports based on data gathered from various Computer Security Systems.
- Maintain existing and when required create new SOPs in support of this objective. SOPs shall be in compliance with DoD 8530.01M and current CND evaluators scoring matrix (currently ESM v9).
- Ensure all security incidents are identified and handled within established CND SLAs and follow the DoD IG Incident Handling Plan and CNDSP Incident Handling Plan procedures.
- Familiarity with Linux- and Windows-based systems
- Networking experience to understand network diagrams and flow
- Strong knowledge of security practices
- Knowledge of attack vectors (supply chain, RCE, LPE, post-exploitation) and vulnerabilities (cross-site scripting, SQL injection, dictionary attacks, password spraying, etc.)
- Knowledge of EDR systems, IDS, SIEM, and Email Gateways.