Listing Description
Tailored Solutions is currently seeking multiple Junior, Intermediate and Senior Intrusion Analysts/Threat Hunters who possess skills and experience specifically in the areas of intrusion analysis & detection, network traffic & packet analysis, threat hunting and file/malware analysis. These individuals will be members of a Joint Security Services Provider based in Arlington, VA. This 24x7x365 team is responsible for actively defending the Enterprise networks of the Pentagon.
We are looking for individuals that are not only passionate about cyber security, but also passionate about defending our customer's computing environments and will take pride in doing so. You will be a member of a Defensive Cyber Operations (DCO) team whose primary responsibility is to monitor, analyze and escalate all suspicious and/or unauthorized activity traversing the networks of the Pentagon.
You must possess knowledge of principles and techniques applied in providing real-time tactical and/or strategic intrusion monitoring, threat hunting and analysis with a technical proficiency in both Linux and Windows environments. Knowledge of and/or experience with both shell scripting and the use of regular expressions for network traffic pattern matching (IDS/IPS signature analysis & development) as well as event data pattern matching for pertinent information relating to network-based and host-based security information is desirable.
Must possess a fundamental knowledge and understanding of network and security operations as well as network monitoring procedures. You should also have experience with various types of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), Web Content Filtering (WCF) systems, Security Information and Event Management (SIEM) solutions and sandbox technologies, along with knowledge of best practices regarding network security architecture and signature development. Knowledge of CERT procedures and NOSC operations is also desirable.

Day-to-day responsibilities will include the following:
- Real-time monitoring and retrospective analysis of alert, session, statistical, file, host and full pcap data, leveraging numerous aggregation, correlation, orchestration, reporting and visualization platforms
- Ensuring the uptime, availability and integrity of all security systems (active/passive) and the datasets they produce
- Recognizing "known" attacks or suspicious/malicious activity within network flows/streams
- Signature tuning, analysis and development
- Applying updates to COTS toolsets based on documented processes and procedures
- Documenting processes and procedures for all infrastructure operations
Job Requirements:
- Knowledge of TCP/IP as well as network analysis using various toolsets (tcpdump, Wireshark, etc.)
- Must have a minimum of 1 year of Linux experience
- Must have a minimum of 1 year of network security experience
Desirable Requirements:
- Possess a basic understanding of regular expressions
- Possess a basic understanding of scripting languages (Perl, Python, etc.)
- Possess a basic knowledge of hacking techniques and attack methodologies as well as mitigations for those techniques and methodologies
- Demonstrate an ability to work independently with minimal supervision
- Demonstrate an ability to handle concurrent projects and assignments
- Demonstrate a desire and willingness to continue expanding your knowledge of security best practices and technologies
- Focus under pressure and respond appropriately to critical situations or incidents
- Must be able to successfully pass several security background investigations
Listing Details
- Salary: $130,000 - $150,000
- Citizenship: US Citizen
- Incentives: Not Provided
- Education: No Requirements
- Travel: No Travel
- Telework: No Telecommute