Network Security Specialist

Phia Fairfax, VA 22030

Posted 1 week ago

OVERVIEW:

phia LLC is seeking a skilled Cyber Security Analyst to support a large Federal Security Operations Center (SOC) and its 24x7 mission. This team focuses on Network Data & Forensics Analytics.

DUTIES:

  • Conduct technical analysis of network traffic to identify anomalies, which may represent potentially malicious activity, and document the analysis in prescribed formats
  • Monitor and understand emerging threats on open source, defined as those technical vulnerabilities and exploits that could present a threat to government networks, analyze tools and exploits, and document the analysis in prescribed formats
  • Monitor IDS/IPS alerts, analyze associated network traffic, and document the analysis in prescribed formats
  • Report detected incidents to agencies, work toward resolution, escalate when required according to SOP
  • Develop IDS/IPS signatures based on indicators and analysis
  • Test IDS/IPS signatures to determine successful detection and level of false positives
  • Deploy IDS/IPS signatures based on SOPs
  • Conduct technical analysis of data from partners, constituents, and monitoring systems to understand the nature of attacks, threats, and vulnerabilities
  • Assist with the development of mitigation strategies
  • Coordinate, communicate, and share information with CS&C and NCCIC components
  • Deploy to provide on-site support and assistance in the event of an exercise or cyber incident
  • Identify and document network-based tactics, techniques, and procedures used by an attacker to gain unauthorized system access
  • Participate in inter-agency sponsored community of interest analysis groups, and technical briefings and exchanges
  • Assist with developing and maintaining Standard Operating Procedures
  • Support the collection and reporting of performance metrics

Requirements

KEY REQUIREMENTS:

  • Bachelor of Science in IT/technical field or related
  • 3-5 or more years of relevant work experience
  • Advanced skills in developing IDS signatures and ability to conceptualize IDS signatures from otherwise disparate information
  • Highly proficient in working with SNORT IDS software
  • In-depth understanding of SOC/NOC operations
  • Strong written and oral communication skills; ability to work autonomously
  • Active SSBI with ability to obtain a DHS background investigation (EOD)

DESIRED QUALIFICATIONS:

  • DODD 8570 Level II certification (SANS certifications, CISSP)
  • Experience leading and managing within SOC/NOC operations
  • Familiarity with Kill Chain for incident response
  • Familiarity with malware analysis
  • Familiarity with forensics
  • Familiarity with incident response products and best practices
  • Experience with database (e.g. MS Access, SQL) and/or portal administration (e.g. SharePoint)
  • Customer service experience

WORK SCHEDULE: 1st Shift

TRAVEL:

TELEWORK ELIGIBILITY: N/A

SECURITY REQUIREMENTS: Active SSBI with ability to obtain a DHS background investigation (EOD)

Benefits

COMPANY OVERVIEW:

phia LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as Program and Process Management, Engineering, Development, and Systems Administration that allow Cyber Operations to efficiently integrate our customers' missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia offers excellent benefits to enhance work-life balance. These include the following:

Medical Insurance

Dental Insurance

Vision Insurance

Life Insurance

Short Term & Long Term Disability

401k Retirement Savings Plan with Company Match

Paid Holidays

Paid Time Off (PTO)

Tuition and Professional Development Assistance

Parking Reimbursement
