Sr. Cyber Intelligence & Vulnerability Assessment Analyst

Location: Santa Ana, CA
Date Posted: 11-23-2018
All qualified resumes will receive feedback within 24 hours
This position will be responsible for Cyber Intelligence and Vulnerability Assessment for the 24/7 Security Operations Center (SOC). The candidate must have a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and at least 5 years’ experience including experience in collecting, synthesizing, fusing, or authoring unclassified and classified cyber threat intelligence products as well as experience in vulnerability assessment and penetration testing.
 
Job Specific Responsibilities:
  • Develop moderately complex security designs and test plans using existing technology.
  • Perform and document root cause analysis for security incidents.
  • Perform and document vulnerability analyses.
  • Develop cyber security analytics and threat intelligence using multiple data sources provided to the Security Information and Event Management (SIEM) system.
  • Work closely with the SAIC CISO to identify and recommend process and system improvements to the security program.
  • Create relevant documentation and recommendations for changes to the current security architecture.
  • Drive the capabilities and execution to effectively optimize and improve enterprise security.
  • Demonstrate expert-level knowledge of security services and implementations.
  • Investigate, positively identify, and document anomalous events and incidents that are escalated by Tier 1 engineers.
  • Document and escalate appropriate events and incidents to Tier 3 engineers.
  • Examine cyber adversary techniques in order to develop defensive methodologies.
  • Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SOC.
  • Conduct vulnerability assessments and recommend remediation and mitigation strategies and implementations to ensure effective achievement of the organizational objectives.
  • Provide support for security incidents throughout the incident lifecycle as needed and make recommendations to ensure enterprise infrastructure is protected.
  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  • Work with the SAIC CISO to develop a metrics program to report on overall SOC performance and effectiveness.
 
VENDORS/TOOLS/MANAGEMENT SYSTEMS
  • Wireshark
  • LogRhythm
  • ServiceNow
  • Keylight
  • Nessus
  • Microsoft Exchange and Microsoft Exchange Online Protection
  • Sourcefire
  • Blue Coat
  • Zscaler
  • McAfee Data Loss Prevention
 
 
REQUIRED QUALIFICATIONS & EXPERIENCE
  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and a minimum of five years of experience in Cyber Security.
  • Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
  • Demonstrated Experience with Cyber Intelligence & Vulnerability Assessment including expert experience in at least two of the following areas:
(a) Vulnerability Assessment;
(b) Intrusion Prevention and Detection;
(c) Access Control and Authorization;
(d) Policy Enforcement;
(e) Application Security;
(f) Protocol Analysis;
(g) Firewall Management;
(h) Incident Response;
(i) Encryption;
(j) Web‐filtering;
(k) Advanced Threat Protection
 
KEY REQUIREMENTS
  • Security+ and/or CySA certification, plus CCNA certification.
  • Experience with Security Information and Event Management tools (LogRhythm).
  • Experience with vulnerability assessment and scanning tools (Nessus).
  • Experience writing moderately complex scripts.
  • Understanding of networking concepts and technologies including TCP/IP, Routing, Switching, NAT, OSI Model, etc.
  • Ability to manage multiple projects and multiple deadlines in an organized fashion.
  • Understanding of advanced data analysis and management concepts.
  • Technical writing abilities to author technical and management risk reports.
 
DESIRED QUALIFICATIONS & EXPERIENCE
  • Certified Information Systems Security Professional (CISSP)
  • CCNP/CCDP
  • SANS/GIAC certifications
  • Cisco WLAN certification
  • Experience in Information Assurance Policy and Guidelines
  • NIST Special Publication 800-53
  • NIST Cybersecurity Framework
  • ITIL® Foundation Level or higher Certification