COUNTERMEASURES - CYBER SECURITY ENGINEERING

McLean, VA

Job ID: 130660 Industry: Government

Candidate MUST HAVE a TS/SCI and Polygraph security clearance in order to be considered.

Program Description:

The contract provides Computer Network Defense and Analysis (CND) to the customer’s network. Because the customer allows their user community to access their personal email accounts while on site, a large volume of spam hits their network regularly. This contract is responsible for the 24 x 7 x 365 protection of the customer’s network from malicious viruses and attacks.

Day-to-Day Responsibilities:
  • The CIRT/CSOC Countermeasures Senior Engineer or Team Lead on this Cyber Security Operations and Engineering support contract provides subject matter expertise in creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to network and host-based IDS, IPS, firewall, web application firewall, proxy and SIEM systems.
  • Manages and administers the updating of rules, signatures, and custom content for specialized CND applications and systems.
  • Identifies potential conflicts with the implementation of any CND tools within the enterprise and develops recommendations to remediate these conflicts.

Required:
  • Experience using Splunk and ArcSight as an analyst
  • Experience reading and developing cyber security signatures for Snort
  • Experience developing and using use cases to enable alerting and response to targeted cyber threats
  • Experience reading and developing Yara rules and signatures
  • Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, or Network Engineering, with emphasis on cyber security issues and operations, computer incident response, systems architecture, and data management
  • BS in an IT related discipline
  • DOD 8570 IAT Level I or CND-IR

Desired:
  • Cyber incident response analyst experience
  • Team leadership experience
  • Familiarity with the following classes of enterprise cyber defense technologies:
    • Security Information and Event Management (SIEM) systems
    • Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
    • Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
    • Network and Host malware detection and prevention
    • Network and Host forensic applications
    • Web/Email gateway security technologies

Job Type: Full Time
