Senior Analyst
Location: Manassas, VA
Job Summary:
Provide special purpose consultation and support on technical matters for U.S. Senate SOC Operations.
Essential Duties and Responsibilities:
- Perform ongoing monitoring and threat analysis.
- Analyze logs/traffic.
- Identify potential IT security incidents and escalate information to appropriate staff.
- Assess threat and vulnerability information from all sources (both internal and external) and promptly apply applicable mitigation techniques initiating indications and warnings.
- Conduct vulnerability analysis and assessments across the entire Senate IT enterprise in support of operations and maintenance activities.
- Develop mitigation and remediation plans as a result of vulnerability assessment findings.
- Train users and promote security awareness to ensure system security and to improve server and network efficiency.
- Confer with users to discuss issues including but not limited to computer data access needs, security violations, and programming changes.
- Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
- Monitor current reports of computer viruses to determine when to update virus protection systems.
- Document computer security and emergency measures policies, procedures, and tests.
- Train off-hours monitoring staff.
- Other duties as required.
Qualifications:
To perform this job satisfactorily, an individual must be able to perform each essential performance requirement satisfactorily. The requirements listed below are representative of the training, experience, knowledge, and skill required for this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions listed above.
Education and/or Experience:
- Bachelor’s degree is a plus, or equivalent combination of education and experience.
- Certification by the following companies is required: ArcSight, Symantec, and Cisco.
- Other relevant professional certifications in the field of IT Security are a plus (desirable, not mandatory), such as: GIAC Certified Professional, Information Security Professional (GISP), GIAC Certified Intrusion Analyst (GCIA); ArcSight Certified Integrator/Administrator (ACIA); Cisco Certified Security Professional (CCSP); Certified Information Systems Security Professional (CISSP); ArcSight Certified Security Analyst (ACSA); Systems Security Certified Practitioner (SSCP).
Knowledge and Skills:
- At least five (5) years of related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
- Previous experience in and a proven method for performing 1st level analysis and interpretation of information from SOC systems.
- Previous experience in and proven methods for incident identification/analysis, escalation procedures, and reduction of false-positives.
- Demonstrated experience consistent with ISO 20000; ITIL; NIST 800 series, specifically, NIST 800-61 “Computer Incidents Handling Guide” and NIST 800-53 “Recommended Security Controls for Federal Information Systems” and any other controls that are applicable to network security.
- Demonstrated experience with and application in establishing security controls to protect information systems consistent within the industry.
- Demonstrated experience with and application of open- and closed-source resources within industry.
- Specific experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments.
- Based on task(s) assigned, state-of-the-art expertise on the hardware, software, and systems in use by the IT Security Branch and in the SOCs, including but not limited to ArcSight SIM, nCircle vulnerability assessment system, Cisco PIX firewall, TopLayer IDS balancer, Symantec Security Information Management System (SESA and SSIM), Symantec Client Security, NetIQ, Cisco VMS, and Cisco and Snort IDS/IPS sensors.
- Customer service skills training.
Benefits:
In exchange for your hard work, we offer a great benefits package along with commensurate pay based on experience. Plus, we offer a very team-oriented, business-casual environment where the staff is more like an extended family that likes working with each other and helping each other succeed.
To Apply:
To respond to this opportunity, please send resumes to irma.symons@secureinfo.com
EEO/AA/M/F/D/V