T-Rex Solutions LLC
NOSC Cyber Manager
T-Rex Solutions LLC, Washington, District of Columbia, us, 20022
T-Rex Solutions
is seeking a Network Operations Security Center (NOSC) Cyber Manager, assisting in the
monitoring
, detection, analysis, mitigation, and response to threats and adversarial activity
.
The DHS NOSC Lead has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and
is responsible for
directing and coordinating detection and response activities performed by each Component SOC.
The Monitoring and Analysis team provides 24x7 support across 4 different shifts. We have
front
half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday - Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday - Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary.
Duties include network security monitoring and detection, pro-activelysearching for threats, inspecting traffic for anomalies and new malware patterns,
investigating
and analyzing logs,
providing
analysis and response to alerts, and documenting activity in NOSC investigations and Security Event Notifications (SENs).
This position will typically be located in either Colorado Springs, CO, Stennis, MS, Chandler, AZ, National Capitol Region (NCR) or Remote where applicable. Candidates who meet the minimum qualifications, appropriate clearance level, and are geographically aligned (or the ability to relocate) will be considered first.
Responsibilities:
Supervise and manage a small team of Cyber Network Defense Analysts (CNDAs) within the NOSC in support of the government customer
Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the Incident Response team
Guide and mentor peers and subordinates to provide cross training
Ensure accountability and punctuality of security analysts assigned to your shift
Capture cybersecurity metrics that support executive-level briefings (daily, weekly, monthly)
Articulate daily challenges to the Government Watch Officer (GWO)
Analyze web and host logs for indications of compromise
Re-mediate and coordinate the remediation of infected or compromised devices
Ensure shift continuity during call-outs and emergencies
Compile incident reports, executive summaries, and analysis reports of intrusions and/or security events
Document and update processes, workflows, and technical guides
Perform simple firewall rule changes (after training)
Requirements:
A Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field and a minimum of eight (8) years total professional experience in at least two (2) of the areas listed below:
Vulnerability Assessment
Intrusion Prevention and Detection
Access Control and Authorization
Policy Enforcement
Application Security
Protocol Analysis
Firewall Management
Incident Response
Encryption
Web-Filtering
Advanced Threat Protection
Military experience and training may be considered in lieu of degree
Active advanced cybersecurity certification(s)
Experience conducting detailed technical analysis of Cybersecurity Events and Incidents
Candidates should also demonstrate the following:
Extensive knowledge of a SOC's/NOSC's purpose and role within an organization
Detailed understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)
Expertise with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc).
Expertise with packet analysis tools such as Wireshark
Able to perform critical thinking and analysis to investigate cyber security alerts
Extensive knowledge of common malware and attack vectors
Extensive experience with Windows operating systems and standard OS logging
Extensive experience with Antivirus, DLP, and host-based firewalls
Must have at least one of the following certifications:
Comptia: Security+, Network+, CASP
SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GISF, or GCIH
EC Council: CEH, CHFI, LPT, ECSA
ISC2: CCFP, CCSP, CISSP CERT CSIH
Offensive Security: OSCP, OSCE, OSWP and OSEE
Active Top Secret Security clearance with Dept of Homeland Security (DHS) or Customs & Border Protection (CBP)Active Top Secret Security clearance with Dept of Homeland Security (DHS) or Customs & Border Protection (CBP) preferred
Desired Skills:
Malware reverse-engineering experience
Two (2 plus) years of experience as an operations/technical lead on similar projects
Experience supporting 24x7
missions
Experience in network and cybersecurity design,
engineering
and operations
Experience with Service Desk support and operations
Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment
Understanding of DevOps/Agile concepts and processes
Extensive KSAs in SOC methodologies and processes
Experience with scripting languages (e.g.
,
Python,
PowerShell
,
JavaScript
, VBS etc
.
)
T-Rex Overview
Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government as it increasingly tries to secure and leverage the power of data. We design, integrate, secure, and deploy advanced technical solutions for our customers so they can efficiently fulfill their critical objectives. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in the areas of Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.
T-Rex is constantly seeking qualified people to join our growing team. We have built a broad client base through our devotion to delivering quality products and customer service, and to do that we need quality individuals. But more than that, we at T-Rex are committed to creating a culture that supports the development of every employee's personal and professional lives. T-Rex has made a commitment to maintain the status of an industry leader in compensation packages and benefits which includes competitive salaries, performance bonuses, training and educational reimbursement, Transamerica 401(k) and Cigna healthcare benefits.
T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.
In compliance with pay transparency guidelines, the annual base salary range for this position is $120,000 - $155,000. Please note that the salary information is a general guideline only. T-Rex considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.
T-Rex offers a diverse and collaborative work environment, exciting opportunities for professional growth, and generous benefits, including: PTO available to use immediately upon joining (prorated based on start date), paid parental leave, individual and family health, vision, and dental benefits, annual budget for training, professional development and tuition reimbursement, and a 401(k) plan with company match fully vested after 60 days of employment among other benefits.
#J-18808-Ljbffr
is seeking a Network Operations Security Center (NOSC) Cyber Manager, assisting in the
monitoring
, detection, analysis, mitigation, and response to threats and adversarial activity
.
The DHS NOSC Lead has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and
is responsible for
directing and coordinating detection and response activities performed by each Component SOC.
The Monitoring and Analysis team provides 24x7 support across 4 different shifts. We have
front
half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday - Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday - Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary.
Duties include network security monitoring and detection, pro-activelysearching for threats, inspecting traffic for anomalies and new malware patterns,
investigating
and analyzing logs,
providing
analysis and response to alerts, and documenting activity in NOSC investigations and Security Event Notifications (SENs).
This position will typically be located in either Colorado Springs, CO, Stennis, MS, Chandler, AZ, National Capitol Region (NCR) or Remote where applicable. Candidates who meet the minimum qualifications, appropriate clearance level, and are geographically aligned (or the ability to relocate) will be considered first.
Responsibilities:
Supervise and manage a small team of Cyber Network Defense Analysts (CNDAs) within the NOSC in support of the government customer
Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the Incident Response team
Guide and mentor peers and subordinates to provide cross training
Ensure accountability and punctuality of security analysts assigned to your shift
Capture cybersecurity metrics that support executive-level briefings (daily, weekly, monthly)
Articulate daily challenges to the Government Watch Officer (GWO)
Analyze web and host logs for indications of compromise
Re-mediate and coordinate the remediation of infected or compromised devices
Ensure shift continuity during call-outs and emergencies
Compile incident reports, executive summaries, and analysis reports of intrusions and/or security events
Document and update processes, workflows, and technical guides
Perform simple firewall rule changes (after training)
Requirements:
A Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field and a minimum of eight (8) years total professional experience in at least two (2) of the areas listed below:
Vulnerability Assessment
Intrusion Prevention and Detection
Access Control and Authorization
Policy Enforcement
Application Security
Protocol Analysis
Firewall Management
Incident Response
Encryption
Web-Filtering
Advanced Threat Protection
Military experience and training may be considered in lieu of degree
Active advanced cybersecurity certification(s)
Experience conducting detailed technical analysis of Cybersecurity Events and Incidents
Candidates should also demonstrate the following:
Extensive knowledge of a SOC's/NOSC's purpose and role within an organization
Detailed understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)
Expertise with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc).
Expertise with packet analysis tools such as Wireshark
Able to perform critical thinking and analysis to investigate cyber security alerts
Extensive knowledge of common malware and attack vectors
Extensive experience with Windows operating systems and standard OS logging
Extensive experience with Antivirus, DLP, and host-based firewalls
Must have at least one of the following certifications:
Comptia: Security+, Network+, CASP
SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GISF, or GCIH
EC Council: CEH, CHFI, LPT, ECSA
ISC2: CCFP, CCSP, CISSP CERT CSIH
Offensive Security: OSCP, OSCE, OSWP and OSEE
Active Top Secret Security clearance with Dept of Homeland Security (DHS) or Customs & Border Protection (CBP)Active Top Secret Security clearance with Dept of Homeland Security (DHS) or Customs & Border Protection (CBP) preferred
Desired Skills:
Malware reverse-engineering experience
Two (2 plus) years of experience as an operations/technical lead on similar projects
Experience supporting 24x7
missions
Experience in network and cybersecurity design,
engineering
and operations
Experience with Service Desk support and operations
Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment
Understanding of DevOps/Agile concepts and processes
Extensive KSAs in SOC methodologies and processes
Experience with scripting languages (e.g.
,
Python,
PowerShell
,
JavaScript
, VBS etc
.
)
T-Rex Overview
Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government as it increasingly tries to secure and leverage the power of data. We design, integrate, secure, and deploy advanced technical solutions for our customers so they can efficiently fulfill their critical objectives. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in the areas of Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.
T-Rex is constantly seeking qualified people to join our growing team. We have built a broad client base through our devotion to delivering quality products and customer service, and to do that we need quality individuals. But more than that, we at T-Rex are committed to creating a culture that supports the development of every employee's personal and professional lives. T-Rex has made a commitment to maintain the status of an industry leader in compensation packages and benefits which includes competitive salaries, performance bonuses, training and educational reimbursement, Transamerica 401(k) and Cigna healthcare benefits.
T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.
In compliance with pay transparency guidelines, the annual base salary range for this position is $120,000 - $155,000. Please note that the salary information is a general guideline only. T-Rex considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.
T-Rex offers a diverse and collaborative work environment, exciting opportunities for professional growth, and generous benefits, including: PTO available to use immediately upon joining (prorated based on start date), paid parental leave, individual and family health, vision, and dental benefits, annual budget for training, professional development and tuition reimbursement, and a 401(k) plan with company match fully vested after 60 days of employment among other benefits.
#J-18808-Ljbffr