Info Security Systems Specialist, Level 3

Chantilly, VA

Industry: ALKU:Gov SysNet Job Number: 133922


Candidate MUST HAVE a TS/SCI with Polygraph security clearance in order to be considered.

Job Description:

This role utilizes expertise in Network and Host Security Devices to enable visibility, detection, alerting, and reporting for cyber security threats. Cyber security threat types can include external threats, insider threats, and security compliance use cases. Log sources include, but are not limited to, Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS), malware analysis systems, firewall logs, custom object scanners, endpoint security systems, web logs, and server logs.

  • Configuration of Information Security monitoring systems which provide logging, monitoring, and actionable alerting
  • Assist with the configuration, maintenance, and monitoring of the Security Incident and Event Monitoring (SIEM) system
  • Provide assistance to the Information Security Architects regarding the design and implementation of security solutions to ensure appropriate configurations, logging, and correlations for network security controls
  • Ability to design, resource, conduct, status, and complete projects independently, with minimal supervision
  • Perform data interpretation, classification and enrichment
  • Build data models
  • Manage knowledge objects (e.g. fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, etc.)
  • Configure summary-based reports and data model acceleration
  • Rule and content development for alerting, metrics, and/or reporting
  • Collaborating with data owners and customers on understanding data sources and use cases, and successfully translating requirements to actionable content
  • Work with VMware vSphere or other virtual technologies

  • Must be well versed in TCP/IP networks, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), firewalls, switches, network monitoring and sniffing, VPN systems, Windows and Linux environments
  • Applied experience working with log management, content filtering, packet analysis, and threat intelligence
  • Experience with package and patch management
  • Proficient with Virtualization and Containers
  • Ability to document in-depth information regarding system security baselines, configurations, deviations, and justifications for security recommendations
  • Experience in the development, implementation, and review of YARA & Snort signatures
  • Security+CE, or CCNA-Security.

  • Knowledge of big data environments preferred
  • Scripting experience: Python, Perl, PowerShell, VBS
  • Deployment of Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS)
  • Deep Packet Capture & Inspection deployment

Job Type: FT 
