Information Assurance Analyst

Employer: J Terry & Associates Inc
Location: Rosslyn, VA
Posted: Jun 12, 2017
Jobs Outside Higher Education: Software & Technology
Institution Type: Outside Academe


Job Description

Clearance Requirement

Top Secret (ACTIVE ONLY) / TS/SCI (Preferred)

General Experience

The individual in this position must be familiar with the following:
  1. Information system vulnerability assessment and analysis
  2. Incident handling and electronic data discovery
  3. Experience in the correlation and analysis of events, designing, implementing, tuning, and using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents.
  4. Configuring and monitoring Intrusion Detection Systems (IDS) and reading, interpreting and analyzing network traffic and related log files
  5. Establishing or maintaining network software parameters used for insider threat analysis; e.g., ArcSight security authorization tables, configuration definitions, file access tables.
  6. Experience detecting malicious insider threat activity
  7. Experience analyzing and reporting information technology (IT) security alerts
  8. Experience analyzing IDS alerts, system logs, and/or SQL and data warehousing
  9. Experience with Microsoft Windows operating environment and administration
  10. Documentation of threat reports, assessments and briefings

Functional Responsibilities

May be called upon to have functional knowledge or expertise in one or more of the following duties and responsibilities:
  1. Security alert event configuration and management; continuous monitoring of multiple security technologies such as IDS/IPS, syslog, file integrity, vulnerability scanners; correlating and analyzing events; designing, implementing, tuning, and using the ArcSight SIEM tool to detect IT security incidents; following operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents; testing new systems compatibility to enable application optimizations system monitoring and analysis; low-level programming and design of more complex features using best practices for development and ensuring effective application across the enterprise.
  2. Insider threat network and host continuous monitoring, traffic analysis, and intrusion detection.
  3. Planning and conducting security accreditation reviews for initial installation of systems and networks using such capabilities as vulnerability and network analysis, VoIP and wireless network analysis, and insider threat analysis.
  4. Using defense measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
  5. Conducting event analysis on captured user, computer, communication and network security events using a suite of security tools and system security features to determine security vulnerabilities, policy violations, malicious behavior and/or conduct security incident analysis.
  6. Configuring and monitoring intrusion detection systems; reading, interpreting and analyzing network traffic and related log files.
  7. Insider threat network and host continuous monitoring, traffic analysis, and intrusion detection.
  8. Monitoring and evaluating a system's compliance with Information Technology security requirements in accordance with ICD 502/503, ICS 500-27, CNSSI 1253 and the NIST 800-53 security controls.
  9. Conducting regular event analysis, searching for and extracting information, and incident response from a suite of security tools and system security features (HBSS, IDS, Insider Threat, Antivirus, Firewall, System Security Logs and events, etc.).
  10. Documenting a system's compliance in accordance with the above directives and instructions and per the Federal Information Security Management Act (FISMA).
  11. Providing full characterization of information system security environments, including system connectivity, in terms of administrative, technical and organizational factors concerning continuous monitoring techniques and methods, and developing risk management alternatives for securing environmental requirements and problems.
  12. Providing information technology (IT) security technical expertise to support the operations of the Department-wide, 24/7 security monitoring center (the Computer Security Incident Response Center) that monitors specific Departmental computer and network systems operations for insider threats.
  13. Developing information system risk-management alternatives and changes by applying expert judgment and ingenuity in interpreting information and providing recommendations or making decisions which impact insider threat/continuous monitoring policies and programs.
  14. Advising management of assessed problems relating to ongoing insider threats to organizational information security activities.
  15. Providing comprehensive technical reports based on analytical findings.
  16. Assisting in the management of enterprise computer network defense systems.
  17. Advising management of assessed problems relating to organizational information security activities, to include insider threats and computer security incident response procedures.
  18. Participating in interagency working groups and committees.
  19. Conducting liaison with other Government agencies and/or public/private companies

Education, Certifications, and Years of Experience:
  1. Education: BA/BS (preferred). May be substituted with an acceptable number of years of information assurance/network protection experience.
  2. Years of Experience (IN ADDITION TO EDUCATION): 5-8 YEARS
  3. Preferred Certifications:
  • Certified Information Systems Security Professional (CISSP)
  • ArcSight Certified Integrator/Administrator (ACIA)
  • ArcSight Certified Security Analyst (ACSA)
  • Microsoft Certified Systems Engineer (MCSE)
  • Microsoft Certified IT Professional (MCITP)
  • GIAC Certified Incident Handler (GCIH)
  • Certified Ethical Hacker (CEH)
  • CompTIA Security+
  • SANS GIAC GCIA
  • Intrusion Analyst Certification or Forensics Analyst Certification
  • Certified Authorization Professional (CAP)
  • Microsoft Certified Solutions Associate (MCSA)
  • Microsoft Technology Associate (MTA)

Company Description
J Terry & Associates Inc is a Woman Owned Small Business (WOSB), Service Disabled Veteran Owned Small Business (SDVOSB), and 8(a) company established in July 2007. Since its founding, JTA has provided management consulting services to its government customers within the Departments of Defense and State.
