Intrusion Detection Team Lead - 3rd shift
US-Remote
Careers (External)
Req #: 8351
Type: Full-Time
|
|
||||||||||
|
|||||||||||
Overview: GovCIO is currently hiring for a 3rd shift (11pm - 7:30am EST) Master Level Cyber Defense Analyst/Intrusion Detection Team Shift Lead onsite in Washington, DC. Responsibilities: * Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client * Provides timely and actionable sanitized intelligence to cyber incident response professionals * Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture * Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks * Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership Qualifications: * Bachelor's and 8 years of intrusion detection experience * Minimum Relevant Experience - The requirement states: 7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; to include wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs. Working experience of Splunk SIEM. Contractor will have at least two years as a cyber security or security operations shift team leader. At least five years' experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas of; creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, and working in a SIEM environment. * Required Certification - The requirement states: Must possess at least one (1) of the following certifications: GIAC Certified Intrusion Analyst (GCIA), EC-Council's Certified Security Analyst (ECSA), GIAC Certified Perimeter Protection Analyst (GPPA), GIAC Certified Enterprise Defender (GCED), Systems Security Certified Practitioner (SSCP), or a Certified Information Systems Security Professional (CISSP). Splunk Fundamentals I & II certification.
Share this job:
