Full Time Employee
IDS Information Security Specialist (Job Number: 422432)
Duties and Responsibilities:
- Conduct in-depth information technology risk assessments, including creating detailed process flows, identifying potential gaps and/or inconsistencies, and making sound recommendations for improvement and/or mitigation
- Review third-party vendors and contracts to ensure appropriate IT controls are in place and functioning effectively
- Perform risk assessments of third-party vendors, including but not limited to cloud computing, identifying gaps in the vendor IT control environment and recommending mitigating controls to address gaps that are not in line with company IT security requirements
- Identify and validate IT risk issues and mitigation strategies
- Define a framework for the risk assessment activity and an agenda for identification
- Incorporate and execute a risk assessment plan
- Understand the IAM or the Active Directory structure
- Verify and update security documentation reflecting the application/system security design features
- Work with others to resolve computer security incidents
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security
- Ensure all systems security operations and maintenance activities are properly documented and updated as necessary
- Implement security designs and approaches to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed
- Monitor information protection assurance mechanisms related to system implementation and testing practices
TYPICAL EDUCATION AND EXPERIENCE: High School Diploma and 5 years' experience.
- Knowledge of how network services and protocols interact to provide network communications
- Knowledge of incident response and handling methodologies
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies
- Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI), Information Technology Infrastructure Library, v3 (ITIL))
- Knowledge of IT security principles and methods, such as firewalls, demilitarized zones, and encryption
- Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
- Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems
Must currently possess a Secret security clearance.
SAIC Overview: SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC provides systems engineering and integration offerings for large, complex projects. Headquartered in McLean, Virginia, SAIC has approximately 15,000 employees and annual revenues of about $4.3 billion.
EOE AA M/F/Vet/Disability
Job Posting: Feb 17, 2017, 11:58:54 AM
Primary Location: United States-SC-NORTH CHARLESTON
Clearance Level Must Currently Possess: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No
Shift: Day Job
To apply for this job, contact: