This listing was posted on ApplicantPro.
CSIRT Analyst
Location:
Stennis Space Center, MS
Description:
SBD is seeking a CSIRT Analyst to join our team supporting our federal customer located at Stennis Space Center, MS. CSIRT is the primary entity of the SOC and the heart of Incident Response Operations. They are responsible for monitoring, incident recording, and reporting of cyber security events or incidents. The goal of CSIRT is to minimize and control the damage resulting from cybersecurity events or incidents, provide effective guidance for response, coordinate recovery activities, and work to prevent future incidents from occurring. Additionally, they provide coverage to ensure a proactive approach to defending against email attacks and a reactive approach when responding to successful attacks. Responsibilities Include: Provide 24x7x365 on site coverage monitoring and incident recording of security alerts and security event information received from all of our customer's security feeds, tools and designated system logs in near real time. Track all security incidents via Swimlane, ServiceNow and ECOP. Provide remedial recommendations and produce consistent comprehensive reports on findings. Activities include: Traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns affecting our customer's networks. Analysis and recommendation of hardware and/or software tools that will assist in traffic analysis. Implementation, training, and SOP development and maintenance of implemented solutions. In-depth Web log analysis to determine trend, patterns, and suspicious activity. Pattern analysis, trend analysis, behavior analysis, and other specialized analysis. Reporting results of all analyses to the SOC GWO and PM. Coordinate and advise on incident response actions taken by Incident Response Handlers for incidents affecting their areas. Develop and maintain formal, documented SOPs that are delivered for the SOC GWO's review and approval when developed or modified. SOPs provide the operational basis for the customer's SOC Concept of Operations (CONOPS). Investigate and identify anomalous events that are detected by security devices or reported to the SOC from external entities, other agency components, system administrators, and the user community via Security Orchestration and Automation Response (SOAR) platform security tools, incoming phone calls, emails, and SNOW/ECOP tickets. Analyze suspicious web or email files for malicious code discovered through SPAM email monitoring and any other available sources. Determine indicators, including command and control channels, of malicious code. Collaborate with the Malware Analysis team to dissect Targeted Spear Phishing attacks from general mass email attacks. Required Experience and Qualifications: Must be a US Citizen able to obtain an Agency-specific clearance prior to starting. Must also be able to obtain a DoD Top Secret Clearance (this can be done while working on the program). Must have at least one active certification to include: Security+CE, ISC2 CISSP or other comparable certification approved by the customer. Bachelor's Degree and a minimum of 1 year of applicable experience is required. 4 years of additional applicable experience may substitute for a degree. Familiarity with the following tools desired: Splunk McAfee EPO Must reside within a commutable distance to Stennis Space Center, MS in order to work onsite full time. Must be able to pass a comprehensive background check. Job Posted by ApplicantPro
Company:
Solutions By Design Ii
Posted:
December 26 2023 on ApplicantPro
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to ApplicantPro
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: CSIRT Analyst
CSIRT Analyst is a Jobs Analyst Job at Solutions by Design Ii located in Stennis Space Center MS. Find other listings like CSIRT Analyst by searching Oodle for Jobs Analyst Jobs.
CSIRT Analyst is a Jobs Analyst Job at Solutions by Design Ii located in Stennis Space Center MS. Find other listings like CSIRT Analyst by searching Oodle for Jobs Analyst Jobs.