Cyber Security Specialist II
Company: System One
Location: Washington
Posted on: October 31, 2024
Job Description:
ALTA IT has a Contract to Hire position open for a Cyber
Security Specialist.Active TS / SCI ClearanceOnsite - Springfield,
VAALTA IT is looking for a Cyber Security Operations Specialist II
to operate and manage all aspects of Information Systems, data
availability, integrity, authentication, confidentiality, and
non-repudiation. This role will develop and execute security
policies, plans, and procedures and ensure security measures of the
network.What You'll Get to Do:
- Provide cyber threat intelligence services for the collection,
fusion, analysis, creation, and distribution of threat intelligence
from government entities, commercial feeds, open sources, and other
partners to obtain situational awareness of the threat
environment.
- Provide cyber threat intelligence services on an expanded 12x5
service support level during core hours and on-call support with
two-hour response time during non-core hours.
- Cyber threat intelligence services shall develop and
disseminate reports and tippers to internal and external
stakeholders based on events, alerts, and incidents on customer
systems and networks.
- Implements and monitors security measures for communication
systems, networks, and provide advice that systems and personnel
adhere to established security standards and Governmental
requirements for security on these systems.
- Designs and implements data network security measures; operates
Network Intrusion Detection and Forensics; conducts performance
analysis of Information Systems security incidents; develops
Continuity of Operation (COOP)/Disaster Recovery (DR) plans and
supports certification of Information Systems and Networks.
- Supervises operation of Electronic Key Management System, other
information security duties, and Public Key Infrastructure.
- Receive tickets from other Cybersecurity Operations Services
sub-services and conduct detailed analysis to validate any
event/alert/incident.
- Categorize, prioritize, investigate, and assess cybersecurity
events/alerts/incidents to identify the extent and scope of the
event/alert/incident and what impact there is on the operation or
systems.
- Update and forward tickets to other Cybersecurity Operations
Services to customer as needed.
- Collect, aggregate, and analyze artifacts and evidence from all
available tools, knowledge sources, and data artifacts to determine
and document the who, what, when, where, why and how of an
intrusion, its extent, how to limit damage, and how to
recover.
- Submit custom signatures and tuning requests as needed to
Network Security Services, Endpoint Security Services, and
Cybersecurity Data Analysis Services.
- Assists the C-IRT by assessing ongoing incident activity to
predict adversary responses and locations of compromise.
- Documents tickets and analysis to a level of detail sufficient
to reconstruct the analyst's analysis, to include but not limited
to the steps taken, timelines, and data required to justify the
analyst's assessment.
- Provide custom metrics reports including incident category
types, tools used, number of indicators, time opened at each step,
trending statistics, service availability, system utilization,
etc.
- Provide input to the daily CSOC Significant Activity,
Operations, and the weekly CSOC Status Report.
- Advanced Cybersecurity Analytics, coordinate with Network
Security Services, Endpoint Security Services, and Cybersecurity
Data Analysis Services to develop or tune
rules/signatures/scripts.You'll Bring These Qualifications:
- Bachelor's Degree in a Technical field (i.e. Information
Technology, Information Systems, Computer Science).
- 4+ years' experience working in Cyber Security Operating Host
Based Security System (HBSS), firewalls, Intrusion Prevention
Systems, Intrusion Detection Systems, other point of presence
security tools, Virtual Private Networks, and related security
operations.
- DoD 8570.01-M IAT Level II certification and CSSP Analyst.
- Utilize the SEIM to perform 24/7 monitoring, detection, and
initial triage (identify, investigate, categorize, prioritize,
ticketing, and forwarding) of events/alerts/incidents.
- Experience with Cyber Incident Response Team (C-IRT)
Services.
- Cyber Incident Quality Control Services - Conduct Quality
Control reviews of a percentage closed Tier II tickets each week to
ensure proper analysis, categorization, documentation, and
notification.
- Cyber Threat Intelligence Services - Conduct emerging threat
and intelligence fusion analysis.
- Cyber Threat Emulation Services; Develop, test, and when
properly authorized, execute custom scripts, programs, and/or other
capabilities to emulate cyber threats to include Cyber Data
Presentation Services.
- Cyber Hunt Services/Planned Hunt Services; update, and document
tickets in the authorized ticketing system to initiate the incident
response.
- TS/SCI Security Clearance (US Citizenship required).These
Qualifications Would be Nice to Have:
- IAT Level III.
- Master's Degree in a Technical field.
#J-18808-Ljbffr
Keywords: System One, Montgomery Village , Cyber Security Specialist II, Other , Washington, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...