Designs, tests and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies.
Preferred Background/Engagement Description
•General Experience. Eight (8) years of experience with LANs, WANs, VPNs, firewalls and other security and network devices. Capable of assessing and evaluating new IA and network technologies and IA-enabling products. Experience leading a team, developing and following team procedures.
•IA Specialized Experience. Four (4) years of experience in network monitoring, intrusion detection, reactive measures and prevention, security assessment methodologies, security vulnerability analysis, data encryption, IA tools and SOC operations. Knowledge of cyber threats and mitigation strategies, TCP/IP, packet capture, scripting, IPS and IDS signatures. Systems analysis experience designing technical applications on computer systems.
•Forensics Experience. Experience with EnCase or a similar forensics tool, as an Incident Handler, Forensics Analyst or Reverse Engineer. Strong background fusing technical exploitation into all-source intelligence products. Experience or formal training in Biometric/Forensic Systems, collections, and databases/architecture. Extensive knowledge of how Technical Exploitation enables the Intelligence Cycle.
Conduct detailed analysis of intrusions and malware:
•Performs forensic analysis of digital information and physical evidence.
•Provides specialized support by gathering, handling, examining, preparing, entering, and searching, retrieving, identifying and/or comparing digital and/or physical evidence.
•Uses forensically sound procedures to determine results.
•Observes proper evidence custody and control procedures, documents procedures and findings and prepares comprehensive written notes and reports.
•Develops, researches, and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption.
•Utilizes software applications for the analysis and processing of digital images.
•Hands-on experience in an offensive security shop.
•Perform as a member of an interdisciplinary team in a Managed Security Solution (MSS) Cyber Security Operations Center (CSOC) providing 24/7 support operations, cybersecurity monitoring, and customer support. The job normally works day shift but may require shift work to cover gaps as the mission requires. Perform network vulnerability analysis and reporting.
Perform network security monitoring and analysis; identify suspicious and malicious activities; identify and track malicious code (including worms, viruses, Trojan horses, etc.); enter and track events and incidents. Support incident escalation, assess probable impact and damages, identify damage control, and assist in developing courses of action and recovery procedures.
Knowledge of LANs, VPNs, routers, and firewalls. Applies knowledge of current IA policy at the national IA structure level, the roles of major organizations, how they interrelate and interact, and the shortcomings in this structure. Reviews and recommends IA solutions to customer problems based on an understanding of how products and services interrelate and support the IA mission and the viewpoints of the consumers of those products and services.
Analyzes and recommends resolution of IA problems based on knowledge of the major IA products and services, an understanding of their limitations, and a working knowledge of the disciplines of IA. Meet or exceed Corporate and Customer goals and objectives.
•QRadar, UNIX/Linux, Microsoft Windows Server, Exchange, Active Directory, TCP/IP, firewalls, VPN, IDS/IPS
•Familiarity with relevant security requirements documents such as STIGS
•MCSE/MCITP, CCSP/CCNP Security, CCNA Security, GCIA, GCIH, GREM, Certified Ethical Hacker, or equivalent
•Moderate understanding of Python (pandas, scikit-learn, NumPy, Theano)
•Data science analytics experience
•CISSP, GIAC Certified Enterprise Defender
•Information Security Professional, Cisco CCNP Security
•Certified Ethical Hacker (CEH).