The Security Analytics Content Lead supports a Civilian Agency Cyber Security Operations Center (SOC) organization protecting the network security of tens of thousands of users. The work site is located in Leesburg, Virginia.
Security Analytics Content Lead responsibilities include:
• Develop content for enterprise full-packet capture security application, combining big data security information collection, management, and analytics capabilities with full network and log-based visibility and automated threat intelligence from commercial vendor and other government agencies.
• Perform daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.
• Review the Security Information and Event Management (SIEM) tool interface, as the tool correlates and aggregates alert data from multiple IDS sensor types and additional security devices.
• Review alerts and packet-level data collected from sensors on a daily basis and report findings to the Incident Handler.
• Submit an End-of-shift Report summarizing activities for each shift.
• Any other duties as requested by the Contracting Officer Representative and SOC management.
Qualities/Additional info: The Security Analytics Content Lead must provide coverage and maintain a presence in the SOC eight (8) hours per day, five (5) days per week, Monday-Friday, between the hours of 0600 and 1800 EST/EDT, with augmentation staff available twenty-four (24) hours a day, seven (7) days a week, three hundred sixty-five (365) days per year, on six (6) hours' notice, to respond to DOT and SOC Management requirements. The Security Analytics Content Lead should be a proven team player with excellent oral and written communication skills. Frequent interaction with the government client is required. Occasional local travel. Infrequent (<5%) local travel, infrequent (<5%) long-distance travel...
Required Education and Experience:
- Bachelor's degree in Computer Science or Information systems.
- Minimum ten (10) years of relevant professional experience.
- In addition to the required education or equivalent experience:
- Minimum six (6) years IT experience.
- Must have at least four (4) years' experience in full packet capture analysis.
- Must be familiar with both Windows OS and Red Hat Linux for troubleshooting and installation.
Security Operations Center
- Must have experience conducting analysis at the packet level.
- Experience with RSA Security Analytics.
- Experience administering UNIX-based systems.
- Experience with Python scripting.
- Experience with intrusion detection sensors.
Level of Clearance Required: Department of Defense Secret
US Citizenship Required: Yes No
PLEASE SUBMIT RESUME IN MICROSOFT WORD FORMAT TO: