Information System Security Analyst
KMJJ Enterprise LLC | Pensacola | www.jobvertise.com |
Must have an active Top Secret clearance with an ability to obtain TS/SCI clearance
Responsibilities Include:
• Oversight and supervision of a 24x7 watch supporting continuous monitoring and incident response for hybrid cloud/on-prem customer networks
• Providing expert level technical direction to the teams performing detection, response, mitigation, and reporting of cyber threats affecting customer networks
• Producing reports and briefs to provide an accurate depiction of the current threat landscape and associated risk based on customer, community, and open-source reporting
• Facilitating the customer's posturing to aggressively investigate cyber activity targeting customer information and its information infrastructure
• Analyzing and reporting cyber threats, as well as assisting in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
• Providing leadership support during assigned shifts, including nights/weekends, with hybrid work on-site
• Developing and implementing training standards and procedures, to include Work Instructions, Joint Qualification Requirements, and Standard Operating Procedures
• Overseeing the training of newly assigned analysts
Required Skills:
• Must be a US Citizen
• Must have an active Top Secret clearance with an ability to obtain TS/SCI clearance
• Must be able to obtain DHS Suitability
• Exceptional oral and written communication
• 10+ years of directly relevant experience
• 5+ years leading incident response teams in a SOC or CSOC environment
• Must pass internal qualification requirements within specified time constraints
• Hands-on experience in a SOC performing the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
• Experience in computer intrusion analysis and incident response
• Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
• Strong experience with Cyber Security Incident Response training
• Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
• Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
• MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
Desired Skills:
• Experience with cloud-based security
• Experience in computer evidence seizure, intrusion detection, computer/network forensic analysis, or data recovery
Required Certifications (at least 2):
DoDI 8570.01-M IAT Level II Technical Certification (Security+ CE, CCNA + Security, SSCP, CISSP) or equivalent AND an Incident Response Certification (CEH, ECIH, CYSA+, GCIH, GCIA, GNFA, or comparable certification)
Required Education:
BS in Incident Management, Operations Management, Cybersecurity, or a related degree; or HS Diploma with 22 years of incident management experience