Cybersecurity Specialist - Military veterans preferred

2021-06-09
SAIC (www.saic.com)
Other

  full-time   employee


Rockville
Maryland
20850
United States

Description

JOB DESCRIPTION: This position is in support of the HHS Next Generation IT Services IT Operations contract. Seeking a Cybersecurity Specialist Associate to work as an analyst in a 24x7x365 Security Operations Center (SOC). The SOC Analyst will: (1) conduct security monitoring, tuning and management of IT infrastructure security systems and applications, including security incident response, digital forensics and loss prevention actions; (2) use COTS/GOTS and custom security tools and processes/procedures to scan for, identify, contain, mitigate and remediate security vulnerabilities and intrusions; (3) perform analysis to validate established security requirements and recommend additional security requirements and safeguards; (4) review system audits and track corrective actions until all actions are closed, assist in the implementation of required government policy (e.g., FISMA, NIST) and make recommendations on process tailoring; (5) support formal Security Test and Evaluation (ST&E) required by the government accrediting authority through pre-test preparation, participation in the tests, analysis of the results and preparation of required reports; (6) support cyber metrics development, maintenance and reporting; (7) provide reports and/or briefings to senior staff.

SCOPE: N/A
LEADERSHIP AND MANAGEMENT: N/A
KNOWLEDGE/SKILLS AND ABILITY: Limited use and/or application of technical principles, theories, and concepts. Receives assignments in the form of specific tasks for the work to be completed. Work is reviewed by management to measure meeting objectives and schedules.
PROBLEM COMPLEXITY: Develops solutions to routine technical problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained.
FREEDOM TO ACT: Work is closely supervised. Follows specific, detailed instructions.
IMPACT: Contributes to completion of routine technical tasks. Failure to achieve results can normally be overcome without serious effect on schedules and programs.
LIAISON: Contacts are primarily with immediate supervisor, project leaders, and other professionals in the group.

Position Responsibilities: 

  • Work scheduled shift in 24x7x365 Security Operations Center (SOC)
  • Monitor, investigate, detect, resolve, and remediate attacks, threats, and security breaches
  • Monitor the customer networks and devices for security breaches, through the use of software that detects intrusions and anomalous system behavior
  • Analyze network traffic to identify anomalies and evaluate information security controls for weaknesses
  • Use security tools for detection, prevention and analysis of security threats, and for protection measures
  • Perform open source threat research
  • Work in a fast-paced, operational environment and prioritize important tasks when faced with constantly changing priorities driven by new threats
  • Take mitigation actions to contain the attack activities and minimize damage when a malicious activity or attack has occurred on the network
  • Perform incident response, security infrastructure management or monitoring services, and digital forensics
  • Scan devices for vulnerabilities according to compliance policies
  • Perform periodic network and device scans to identify and remediate vulnerabilities
  • Proactively respond to and resolve incidents and change requests using ServiceNow to minimize impact
  • Take ownership of issues, resolve them within SLA, and document the resolution procedures

Qualifications

TYPICAL EDUCATION AND EXPERIENCE:

  • Bachelor's degree and 1 year of relevant experience, or Master's degree and 0 years of related experience
  • Security+ and/or completion of other cyber certification(s) or courses
  • Willing to work a flexible schedule, including after hours and weekends
  • Experience using Splunk and/or other SIEM tools, including event log analysis, network traffic analysis, file integrity monitoring, and real-time event correlation
  • Experience using Tenable Nessus and/or other vulnerability scanning tools
  • Self-starter with good interpersonal skills, a team player, with good oral and written communication and organizational skills