DISYS has an immediate opportunity available for a remote Information Security Analyst who will plan, implement, upgrade, and/or monitor security measures for the protection of our premier aerospace client's unclassified (low side) computer networks and information.
The Information Security Analyst will:
- Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.
- May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses in support of the core mission of Computer Network Defense (CND).
The Information Security Analyst will be responsible for:
- Collecting and processing tips, incident reports and requests for Computer Network Defense (CND) services received via phone, email and ServiceNow tickets.
- Triage and rapid analysis of real-time security incident alerts from the SIEM system, to assess potential intrusions. Suspected incidents will be escalated to a Tier 2 analyst for further analysis.
- Extracting data from cyber intelligence updates and reports provided by senior ISD staff to synthesize new signatures for IDS systems as well as SIEM correlations and alerts. Cyber intelligence will be composed of technical data extracted from adversary tactics, techniques, and procedures (TTPs).
- Directly implementing or coordinating response actions to an incident to deter, block, or cut off adversary presence or damage. Possible countermeasures include logical or physical isolation of involved systems, firewall and proxy blocks, DNS black holes, IP blocks, patch deployment and account deactivation.
- Participating in the tuning and maintenance of sensors and other infrastructure platforms the Security Operations Center (SOC) operates, such as IDS/IPS. Responsibilities will include updating IDS/IPS with new signatures, tuning their signature sets to keep event volume at acceptable levels, minimizing false positives and maintaining up/down health status of sensors and data feeds.
- Providing a vulnerability scanning and reporting service for hosts on AeroNet that will include both ad hoc and scheduled scans. These scans will use COTS tools such as Retina.
JOB SPECIFIC REQUIREMENTS AND SKILLS:
- Three to five (3-5) years of experience working in a Security Operations role in a medium to large enterprise network environment.
- Advanced working knowledge of all MS Office Suite applications (Word, Excel, MS Project, etc.).
- Demonstrated experience in responding to, managing, and resolving security incidents.
- Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows / Linux / Unix operating systems, Information Security concepts and best practices.
- Experience with Windows/Linux/Unix server administration is a plus.
- Experience working with a Security Information and Event Management (SIEM) system is a plus.
- Experience working with the following tools is desired: Splunk, DarkTrace, Retina, CarbonBlack.
- Experience with a ticketing system like ServiceNow is a plus.
This is a fully remote position. The successful candidate may live anywhere in the United States.
This position requires an active Department of Defense security clearance at the SECRET level or ability to obtain the clearance within a reasonable amount of time.
Only U.S. citizens are eligible for a security clearance and this position.
- Associates degree in Information Technology, Cyber Security or similar course of study required; Bachelor's degree preferred
- IAT Level-1 Technical Certification required within 90 days of hire - CISSP preferred
- Vendor certifications are a plus
- Submit/Pass a 10-year Dept. of Defense background check, criminal history, drug screening, and fingerprints
- Valid driver's license/Real-ID with clean driver's history
- Applicant must have a strong work ethic, be extremely organized and detail-oriented, be a self-starter with excellent time-management, problem solving, and multitasking skills
- Applicant must have excellent front-facing / face-to-face customer service skills
- Problem solving skills from active listening to, and educating, customers through resolution and a set of delivery expectations
- Excellent communication skills (in English), both verbal and written, to articulate details in a professional manner
- Position may require ability to sit, stand, walk extended distances, bend, stoop, squat and lift up to 35 lbs. from the floor to desktop for extended periods of time
$29.77/hour - $35.02/hour, commensurate with experience.
Keywords: Security Operations Center Analyst
Digital Intelligence Systems, LLC (DISYS) is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.