Cyber Security Operations Analyst - Senior
Acts as the primary contact for the initial intake of cyber security events; triages potential incidents, determines the nature and scope of the event or incident, and classifies its severity and priority. Leads the action team following valid incidents that require remediation, serving as the single point of contact for information related to Security Operations Center (SOC) cyber security issues. Acts as the primary SOC resource responsible for coordinating and assisting with all phases and personnel of the information security response lifecycle. Analyzes security system log files, reviews and tracks triggered events, researches current and emerging cyber threats, reconciles correlated cyber security events, develops new and modifies existing cyber security correlation rule sets, and operates SOC equipment and technology.
- Provides Tier II/III technical expertise on post-event network security logs and trend analysis.
- Detects the full spectrum of known cyber attacks (e.g., DDoS, malware, phishing, others).
- Uncovers security and compliance violations.
- Pinpoints the location of compromised systems and devices.
- Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches.
- Associates and correlates IP address related events with specific systems or devices in the IT infrastructure.
- Identifies and analyzes intelligence information about threats to the customer's information processing systems.
- Associates and correlates assets with dynamically assigned IP addresses over time.
- Associates and correlates events and security incidents with individuals and their role and organization.
- Conducts cyber incident and event monitoring.
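Two of the duties above, associating IP address related events with specific devices and associating assets with dynamically assigned IP addresses over time, come down to the same lookup: which host held a given IP at the moment an alert fired. The following is an added example, not code from the posting or from the employer, showing that lookup over constructed ISC dhcpd-style lease lines and constructed IDS alerts. The log format, hostnames, MACs and addresses are all assumptions made up for the example; the point is that a DHCPACK opens a lease interval, a DHCPRELEASE or an ACK to a different client closes it, and an alert is attributed only if its timestamp falls inside an interval.

```python
import re
from datetime import datetime

# Constructed ISC dhcpd-style syslog lines with ISO timestamps (sample data, not a real capture).
DHCP_LOG = """\
2017-03-31T08:00:10 dhcpd: DHCPACK on 10.1.2.50 to aa:bb:cc:00:00:01 (ws-alice) via eth0
2017-03-31T09:15:00 dhcpd: DHCPACK on 10.1.2.51 to aa:bb:cc:00:00:03 (printer-3) via eth0
2017-03-31T10:00:10 dhcpd: DHCPACK on 10.1.2.50 to aa:bb:cc:00:00:01 (ws-alice) via eth0
2017-03-31T11:30:00 dhcpd: DHCPRELEASE of 10.1.2.50 from aa:bb:cc:00:00:01 (ws-alice) via eth0
2017-03-31T11:45:20 dhcpd: DHCPACK on 10.1.2.50 to aa:bb:cc:00:00:02 (lt-bob) via eth0
"""

# Constructed IDS alerts: (timestamp, source IP, signature name). Signature names are placeholders.
ALERTS = [
    ("2017-03-31T10:30:00", "10.1.2.50", "scan-signature"),
    ("2017-03-31T11:40:00", "10.1.2.50", "policy-signature"),
    ("2017-03-31T12:00:00", "10.1.2.50", "malware-signature"),
    ("2017-03-31T12:05:00", "10.1.2.99", "scan-signature"),
]

ACK_RE = re.compile(r"^(\S+) dhcpd: DHCPACK on (\S+) to ([0-9a-f:]{17}) \(([^)]*)\)")
RELEASE_RE = re.compile(r"^(\S+) dhcpd: DHCPRELEASE of (\S+) from ([0-9a-f:]{17})")


def parse_leases(log_text):
    """Turn DHCPACK/DHCPRELEASE lines into per-IP lease intervals.

    Returns {ip: [(start, end, mac, hostname), ...]}; end is None while the lease is still open.
    """
    events = []
    for line in log_text.splitlines():
        m = ACK_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m.group(1)), "ack", m.group(2), m.group(3), m.group(4)))
            continue
        m = RELEASE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m.group(1)), "release", m.group(2), m.group(3), None))
    events.sort(key=lambda e: e[0])            # syslog arrival order is not guaranteed to be time order
    leases = {}
    for ts, kind, ip, mac, host in events:
        intervals = leases.setdefault(ip, [])
        open_lease = bool(intervals) and intervals[-1][1] is None
        if open_lease:
            start, _, prev_mac, prev_host = intervals[-1]
            if kind == "release" or prev_mac != mac:
                intervals[-1] = (start, ts, prev_mac, prev_host)   # previous holder's lease ends here
                open_lease = False
        if kind == "ack" and not open_lease:       # a renewal by the same client just extends the open lease
            intervals.append((ts, None, mac, host))
    return leases


def asset_for(leases, ip, ts):
    """Return (mac, hostname) holding `ip` at time `ts`, or None if no lease covers that instant."""
    for start, end, mac, host in leases.get(ip, []):
        if start <= ts and (end is None or ts < end):
            return mac, host
    return None


def correlate_alerts(leases, alerts):
    """Attach the asset that held the alerting IP at alert time; unresolved IPs stay None."""
    rows = []
    for ts, ip, sig in alerts:
        asset = asset_for(leases, ip, datetime.fromisoformat(ts))
        rows.append((ts, ip, sig, asset[1] if asset else None, asset[0] if asset else None))
    return rows


if __name__ == "__main__":
    for row in correlate_alerts(parse_leases(DHCP_LOG), ALERTS):
        print(row)
```

The second alert lands in the gap between the release at 11:30 and the next lease at 11:45, so it deliberately resolves to nothing rather than to whichever host last had the address; attributing it to ws-alice or lt-bob would be a guess, and an analyst should record it as unresolved and go to the switch or ARP logs instead.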
The work site is located in Leesburg, Virginia. Staff Analyst Responsibilities include:
- Oversee and assist, as necessary, the 1st level Duty Analysts (DAs) as they perform the following functions:
- Perform daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.
- Review the Security Information Management (SIM) tool interface, as the tool correlates and aggregates alert data from multiple IDS sensor types and additional security devices.
- Review alerts and packet-level data collected from sensors on a daily basis and report findings to the government Watch Officer (WO).
- Provide incident response functions when appropriate and coordinate activities with field site personnel when directed by the government WO.
- Conduct research pertaining to the latest viruses, worms, etc. and the latest technological advances in combating unauthorized access to information.
- Submit an End-of-shift Report summarizing activities for each shift.
- Perform 2nd level analysis of IDS data in support of the government WO. Staff Analysts must be able to disassemble an Ethernet frame and understand its routing (addressing) and payload components.
- Support Information Assurance asset deployments, upgrades, and maintenance; including sensors, data collection servers, network assets and firewall administration.
- Cover shifts for 1st level Duty Analysts when required, to cover sick days and vacations. (Rare, as most coverage issues are handled by adjusting schedules amongst the 1st level Duty Analysts)
- Perform other Network Security/Information Assurance tasks as assigned.
- Shift work will be required, as will work on holidays.
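The 2nd level analysis item above asks for the ability to disassemble an Ethernet frame into its addressing and payload components, and the packet-level analysis requirement later on the page asks for the same skill. The following is an added example written for this page, not code from the posting or from the employer: it builds a constructed IPv4/TCP frame (made-up MACs, addresses and an HTTP request) and walks it layer by layer with the standard library only. It goes slightly beyond the single case in the text by also handling an 802.1Q VLAN tag and by checking the IPv4 header checksum, which is one quick sanity test on whether a captured header has been tampered with or truncated.

```python
import socket
import struct

# Everything below is constructed inline for the example; nothing here is captured traffic.

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ipv4_checksum(header):
    """RFC 791 ones-complement header checksum; returns 0 when run over a header whose checksum is valid."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bit 0 .. bit 5 of the flags byte


def parse_frame(frame):
    """Disassemble an Ethernet II frame into link, network, transport and payload fields."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    offset = 14
    vlan = None
    if ethertype == 0x8100:                                # 802.1Q tag: 2-byte TCI then the real EtherType
        tci, ethertype = struct.unpack("!HH", frame[offset:offset + 4])
        vlan = tci & 0x0FFF
        offset += 4
    result = {"dst_mac": fmt_mac(dst), "src_mac": fmt_mac(src), "ethertype": ethertype, "vlan": vlan}
    if ethertype != 0x0800:                                # not IPv4 (e.g. ARP): keep the rest opaque
        result["payload"] = frame[offset:]
        return result
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     sip, dip) = struct.unpack("!BBHHHBBH4s4s", frame[offset:offset + 20])
    ihl = (ver_ihl & 0x0F) * 4                              # header length in bytes, options included
    ip_header = frame[offset:offset + ihl]
    result.update({"ip_version": ver_ihl >> 4, "ttl": ttl, "protocol": proto,
                   "src_ip": socket.inet_ntoa(sip), "dst_ip": socket.inet_ntoa(dip),
                   "ip_checksum_ok": ipv4_checksum(ip_header) == 0})
    l3 = frame[offset:offset + total_len]                  # trust total_len, not len(frame): short frames are padded
    l4 = l3[ihl:]
    if proto != 6:                                         # only TCP is decoded further here
        result["payload"] = l4
        return result
    sport, dport, seq, ack, doff_res, flags, win, _tcsum, _urg = struct.unpack("!HHIIBBHHH", l4[:20])
    data_offset = (doff_res >> 4) * 4
    result.update({"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
                   "flags": [name for bit, name in enumerate(TCP_FLAGS) if flags & (1 << bit)],
                   "window": win, "payload": l4[data_offset:]})
    return result


def build_sample_frame(vlan=None):
    """Construct an HTTP request frame 10.1.2.50:40000 -> 192.0.2.10:80 (all values made up)."""
    payload = b"GET / HTTP/1.0\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1000, 0, 5 << 4, 0x18, 65535, 0, 0)  # PSH|ACK, no checksum
    total_len = 20 + len(tcp) + len(payload)
    ip_fields = [0x45, 0, total_len, 1, 0x4000, 64, 6, 0,
                 socket.inet_aton("10.1.2.50"), socket.inet_aton("192.0.2.10")]
    ip_fields[7] = ipv4_checksum(struct.pack("!BBHHHBBH4s4s", *ip_fields))  # fill in the real checksum
    ip = struct.pack("!BBHHHBBH4s4s", *ip_fields)
    eth = bytes.fromhex("001122334455") + bytes.fromhex("aabbcc000001")
    if vlan is not None:
        eth += struct.pack("!HHH", 0x8100, vlan, 0x0800)
    else:
        eth += struct.pack("!H", 0x0800)
    return eth + ip + tcp + payload


if __name__ == "__main__":
    for key, value in parse_frame(build_sample_frame(vlan=100)).items():
        print(f"{key:>15}: {value}")
```

The TCP checksum is left at zero in the constructed frame because it needs a pseudo-header over the IP addresses; the IPv4 header checksum is computed, so `ip_checksum_ok` flips to False if any header byte is altered.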
Staff Analysts should be proven team players with excellent oral and written communication skills. Staff Analysts should also be self-starters, capable of working projects cradle-to-grave, independently if necessary. Frequent interaction with the government client is required. Staff Analysts will be required to spend an acclimation period of approximately two weeks working as a Duty Analyst.
Years of Experience: 6+ years IT, 5+ years network security analysis
Education: Bachelor's degree (six years of relevant professional experience is considered equivalent)
- Six years IT experience.
- Five years network security analysis using intrusion detection systems.
- Three years experience administering UNIX-based systems.
- Experience conducting analysis at the packet level.
About Beacon Cloud Solutions, Inc.
Beacon Cloud Solutions (BCS) is a San Diego based technology company built on the belief that an Internet connection and a web browser are all you need to fully run and operate a business. It is our mission and passion to develop and deliver cloud-based solutions that change the way data is processed and how our customers do business. We are a family oriented company and believe that it is OK to have fun at work. We believe our customers should be able to work from anywhere with an Internet connection and a web browser, so that is how we operate. We also love our customers because they keep us in business, so when they call us we are happy to help and do everything we can to solve their issue.
Sat, 1 Apr 2017 13:56:55 PDT