Information Security Specialist, Staff (Grimlock)

AT&T Chantilly, VA 22022

Posted 2 months ago

Job Description: Candidate will perform the following duties:

  • Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks

  • Supports cyber security initiatives through both predictive and reactive analysis

  • Articulates emerging trends to leadership and staff

  • Coordinates resources during incident response efforts, driving incidents to timely and complete resolution

  • Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output

  • Reviews threat data and develops custom signatures

  • Correlates actionable security events and develops unique correlation techniques

  • Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection

  • Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks

  • Conducts basic malware analysis of attacker tools, identifies indicators of compromise, and reverse engineers attacker encoding protocols

  • Interfaces with external entities, including law enforcement and intelligence community organizations

  • Provides analysis of incidents for customers by: determining the incident's nature and formulating responses; identifying and providing the ability to surge during emergencies; correlating event and incident data; determining possible effects on the DODIN, customer networks, and other organizations

  • Ability to work independently and within a team as required

  • Monitors Computer Network Defense (CND) security-relevant network components

  • Performs infrastructure monitoring, performance assessment, new requirement analysis and support

Additional Duties:

  • Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information

  • Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain

  • Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)

  • Support the development, documentation, and tracking of metrics relevant to the ALPs

  • Interface with government counterparts and leadership

Prerequisites / Qualifications:
Five (5) years' experience in the Information Systems (IS) environment with two (2) years' experience in two or more in CND. A working knowledge of both Windows and UNIX networks in homogeneous and heterogeneous environments is a requirement. Exposure to or a working knowledge of Cyber Warfare techniques and Computer Network Defense (CND) technologies is required. Candidate should be familiar with current DoD and Intelligence Community (IC) directives, instructions, policies and guidance documents.

The candidate should have experience in the following areas:

  • Ability to understand various computer architecture, software applications and operating systems

  • Solid working knowledge of network security architecture

  • Understanding of trusted systems and their applications

  • Ability to apply information systems security engineering, security services and mechanisms, threats and vulnerabilities to systems

  • Command line scripting skills (Perl, Python, PowerShell scripting) to automate analysis tasks

  • Knowledge of hacker TTPs

  • Be able to conduct basic malware analysis

  • Demonstrated hands-on experience with various static and dynamic malware analysis tools

  • Knowledge of advanced threat actor TTPs

  • Understanding of software exploits

  • Ability to analyze packed and obfuscated code

  • Comprehensive understanding of common Windows APIs and ability to analyze shellcode

  • Good technical problem-solving skills

  • Communications and teamwork skills

  • Knowledge of applicable IC/DoD IA policies and NRO policies, directives and standards

Education: Bachelor's in Computer Science (Information Management, Computer Information Systems (CIS)) or five (5) years of practical experience in the IS environment with a minimum of three (3) years' direct IA experience. The CISSP and/or CISM is required.

Required Clearance: U.S. Citizen; minimum TS//SCI and CI Poly

Job ID 1843309 Date posted 11/02/2018

