386947BR - Info Assurance Engineer Sr Information Technology (IT) - Rockville, MD at Geebo

Description:
Perform Incident Response responsibilities in support of the HHS ITIO OS infrastructure (managed appliances, servers, and workstations) and Hosting Environment, consisting of multiple Operation Division Programs, multiple data center facilities, and numerous endpoint devices and users. The candidate must possess a thorough understanding of all aspects of computer and network security, be able to investigate alerts, anomalies, errors, intrusions, and malware to identify the extent of a security incident, and be able to help isolate the responsible agents. Work closely with Security Operations and federal government counterparts, including across other functional areas and organizations.

1) Monitor and Detect:

  • Provide security monitoring for the hosting environment to detect and alert on possible intrusions and threats.
  • Monitor and report on all security devices.
  • Ensure the integrity and confidentiality of sensitive data.
  • Perform network traffic analysis utilizing raw packet data, NetFlow, IDS, IPS, and custom sensor output, as it pertains to the cyber security of communications networks.
  • Correlate actionable security events from various sources, including Splunk data, and develop unique correlation techniques.
  • Prevent and detect intrusions.
  • Engage with other internal and external parties to obtain and share information that improves security posture.
  • Validate incident containment and remediation recommendations.
  • Provide continuous monitoring reporting support, including vulnerability scan analysis and remediation of Windows, Linux, and network devices. Work with management and technical POCs to remediate reported vulnerabilities. Analyze vulnerability scan reports and POAM items with the Authorizing Authority.
  • Ensure continuous operation of security servers and applications.
  • Assist in troubleshooting all problems related to security servers and applications.

2) Response and Escalation:

  • Participate in the coordination of resources during enterprise incident response efforts.
  • Interface with internal and external entities, including program managers, law enforcement organizations, intelligence community organizations, and other government agencies.
  • Open tickets to track and document the resolution of problems.
  • Analyze and report on internal and external threats.
  • Assist in incident handling when responding to suspected security incidents, providing containment of incidents, detailed root-cause analysis, and restoration of services.
Qualifications:
  • Must have the ability to obtain a Level 6 Public Trust Clearance.
  • Experience with malware analysis concepts and methods.
  • Understanding of Linux and basic Linux commands; understanding of mobile technology and OSs (i.e. Android, iOS, Windows).
  • Conducting forensic media analysis and log file analysis.
  • Knowledge of computer systems, network monitoring and intrusion detection tools and techniques, and commercial off-the-shelf (COTS) network and security monitoring products such as NetWitness, Imperva SecureSphere, FireEye, Tenable Security Center/Nessus, Checkpoint Endpoint Security, Checkpoint SMART Suite, Websense, Symantec Antivirus, Sophos Anti-virus, Splunk, and ArcSight.
  • Experience and/or hands-on knowledge in one or more of the following areas: network, OS platforms, applications, and information security.
  • Experience troubleshooting network, OS platform (Windows and Linux), and application or security issues.
  • Excellent problem solving and management skills.
  • Self-disciplined and must work well in a team environment.
  • Must have experience working in a team environment and possess the ability to plan and execute tasks efficiently and to gather and disseminate information while working with peers, subordinates, and management.
  • Demonstrated excellent verbal and written communication skills with both management and technical staff.
  • Must have excellent people and organizational skills to professionally interact with and present to federal staff and customers.
  • Demonstrated strong and effective customer care skills.
  • Experience working within a similar environment with proven successful results.
  • Strong interpersonal skills and good situational awareness.
  • Ability to obtain the required Public Trust Clearance.
  • Demonstrated experience working in a Security Operations Center (SOC).
  • Experience working with security guides, procedures, policies, methodologies, frameworks, and standards such as ISO/IEC 27001, the NIST 800 series, FISMA, and DISA IA Policy.
  • Experience in network and security operations/incident handling and response.
  • Ability to create and follow standard processes.
  • Awareness of standard cybersecurity best practices (NIST, etc.) and of integrating all tools to increase overall security posture.
  • Experience in identifying potential security incidents (IOCs), leading incident responses, reporting to the Government, and compiling after-action reports.
  • Partner with other departments to identify opportunities for enhanced efficiency in strategic and tactical efforts.
  • Experience with SIEM, log analysis, vulnerability analysis, and some scripting experience.
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation, with an understanding of intrusion set tactics, techniques, and procedures.
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, the OSI model, defense-in-depth, and common security elements.
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, FPC), and other attack artifacts in support of incident investigations.
  • In-depth knowledge of the architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. ArcSight, Splunk).
  • Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics.
  • Participate in the risk management process, change control, and corrective and preventative actions.

Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master's degree. Considered career, or journey, level.
Leidos Overview:
Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company's diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos is an Equal Opportunity Employer.
Estimated Salary: $20 to $28 per hour based on qualifications.