IDS Information Security Specialist Job

11/13/16
SAIC (www.saic.com)
Other

Full Time Employee


North Charleston
South Carolina
United States

IDS Information Security Specialist (Job Number:422432)

Description:



Duties and Responsibilities:

- Conduct in-depth information technology risk assessments including creating detailed process flows, identifying potential gaps and/or inconsistencies and making sound recommendations for improvement and/or mitigation.

- Review third party vendors and contracts to ensure appropriate IT controls are in place and functioning effectively

- Perform risk assessments of third party vendors, including but not limited to cloud computing, identifying gaps in the vendor IT control environment and recommending mitigating controls to address the gaps that are not in line with company IT Security requirements.

- Identify and validate IT risk issues and mitigation strategies.

- Defining a framework for the risk assessment activity and an agenda for identification.

- Incorporation of a risk assessment plan and execution.

- An understanding of the IAM or the Active Directory structure.

- Verify and update security documentation reflecting the application/system security design features

- Work with others to resolve computer security incidents

- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools

- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation

- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security

- Perform Computer Network Defense incident triage to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations that enable expeditious remediation

- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts

- Apply security policies to applications that interface with one another

- Apply security policies to meet security objectives of the system

- Apply service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements

- Discover organizational trends with regard to the security posture of systems

- Ensure all systems security operations and maintenance activities are properly documented and updated as necessary

- Ensure IA-enabled products or other compensating security control technologies reduce identified risk to an acceptable level

- Implement and/or integrate security measures for use in system(s) and ensure that system designs incorporate security configuration guidelines

- Implement security designs and approaches to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed

- Implement specific IA countermeasures for systems and/or applications

- Implement system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation

- Monitor information protection assurance mechanisms related to system implementation and testing practices

- Perform security reviews and identify security gaps in security architecture resulting in recommendations for the inclusion into the risk mitigation strategy

- Plan and recommend modifications or adjustments based on exercise results or system environment

- Properly document all systems security implementation, operations and maintenance activities and update as necessary


Qualifications:
TYPICAL EDUCATION AND EXPERIENCE: Bachelor's and two (2) years or more experience; Master's and 0 years related experience.

Required Qualifications:

- Knowledge of encryption algorithms (e.g., IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)

- Knowledge of how network services and protocols interact to provide network communications

- Knowledge of incident response and handling methodologies

- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies

- Knowledge of how system components are installed, integrated, and optimized

- Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI), Information Technology Infrastructure Library, v3 (ITIL))

- Knowledge of human-computer interaction principles

- Knowledge of IA principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

- Knowledge of IT security principles and methods, such as firewalls, demilitarized zones, and encryption

- Knowledge of IT supply chain security/risk management policies, requirements, and procedures

- Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins

- Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard IT) for safety, performance, and reliability

- Knowledge of network access, identity and access management (e.g., public key infrastructure, PKI)

- Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs

- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth)

- Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools

- Knowledge of Personally Identifying Information (PII) and personal Payment Card Industry (PCI) data security standards

- Knowledge of relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure

- Knowledge of secure configuration management techniques

- Knowledge of security management

- Knowledge of security system design tools, methods, and techniques

- Knowledge of systems testing and evaluation methods

- Knowledge of telecommunications concepts

- Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems

- Skill in designing countermeasures to identified security risks

- Skill in designing security controls based on IA principles and tenets

- Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes

- Skill in developing and applying security system access controls

- Skill in using network analysis tools to identify vulnerabilities

- Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)

- Skill in developing and deploying signatures

Clearance Requirement:

- Must currently possess a Secret security clearance.

SAIC Overview: SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC provides systems engineering and integration offerings for large, complex projects. Headquartered in McLean, Virginia, SAIC has approximately 15,000 employees and annual revenues of about $4.3 billion.

EOE AA M/F/Vet/Disability

Job Posting: Oct 11, 2016, 10:08:02 AM
Primary Location: United States-SC-NORTH CHARLESTON
Clearance Level Must Currently Possess: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No
Travel: None
Shift: Day Job
Schedule: Full-time

To apply for this job, contact:
Jane Ormerod
