Candidate MUST HAVE a TS/SCI and Polygraph security clearance in order to be considered.
The contract provides Computer Network Defense and Analysis (CND) to the customer's network. Because the customer allows their user community to access their personal email accounts while on site, there is a lot of spam hitting their network regularly. This contract is responsible for the 24 x 7 x 365 protection of the customer's network from maliciously intended viruses and attacks on their network.
Candidates will bring a big-picture view from an enterprise perspective in order to get the most out of their systems, and will be required to support the deployment, configuration, and administration of the customer's Security Incident and Event Management (SIEM) platform. The position requires the candidate to be a self-starter and to work well with other security teams to support cyber security operations. A wide range of knowledge and skills is needed, such as ArcSight ESM, system administration, network engineering, and cyber security architecture design. More specifically, they will use their SIEM experience to dig in and maintain the ArcSight suite and ensure it is running properly. They should understand the connectors and their proper setup, and be able to envision the future and have forward-thinking conversations with the customer about what the SIEM tools can do for them.
- Deep understanding of one or more SIEM systems, especially ArcSight, QRadar or Nitro
- Experience using, configuring, and administering Linux for SIEM systems
- Technical BS & 10+ years of experience in Engineering
- Network Intrusion Detection/Prevention Systems
- Host Intrusion Detection/Prevention Systems
- Network Packet Capture/Forensics Systems
- Programming skills (Java, Ruby, or Python along with XML and SQL)
- Experience with big data parsing and visualization techniques
Job Type: Full Time