Whateverittakescom
CSIRC Tier 3-4 Analyst
Whateverittakescom, Washington, District of Columbia, US, 20022
Computer Security Incident Response Center (CSIRC) Tier 3/4 Analyst
Tracking Code
017-142
Job Description
WITCOM has an immediate, funded opportunity for a Tier 3/4 Analyst to join our mission critical customer in Washington, DC. Qualified candidates must possess a minimum Top Secret clearance or be able to obtain a Public Trust Level 6c.
The overall objective of this position is to function in an Analyst capacity and provide Tier 3/4 analysis of security tool event feeds, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and advanced persistent threat (APT) detection, and malware analysis/forensics, and to create and track investigations to resolution according to established industry best practices. The ideal candidate should be able to multitask and give equal attention to a variety of functions while under pressure. The individual must have very good communication skills, including the ability to write and verbally articulate industry terminology to successfully brief management. The candidate will be required to stay up-to-date with current vulnerability methodologies, attack vectors and countermeasures, along with staying current in all security-related news and developments.
Monitor and analyze network traffic, intrusion detection systems (IDS), security events and audit logs
Prioritize and differentiate between potential intrusion attempts and false alarms
Create and track security investigations to resolution
Compose security alert notifications and other communications as required
Advise incident responders in the steps required to investigate and resolve computer security incidents
Stay up-to-date with current vulnerability methodologies, attack vectors and countermeasures
Provide comprehensive threat analysis reporting from multiple tools based on provided indicators
Desired Skills
Familiarity with various network and host-based security applications and tools such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages
Previous experience providing training and meeting expected performance service level agreements (SLAs)
Prior computer forensics experience strongly encouraged
Must possess excellent written communication skills and the proven ability to understand and present complex, technical information to both technical and non-technical audiences
Must be able to work independently and/or as part of a team
Required Experience
Bachelor's Degree in Computer Science, Engineering, or related field preferred, along with 5-8 years of directly related experience, or a Master's Degree, or equivalent experience within a related field
Previous experience on a Computer Incident Response Team (CIRT)/Computer Emergency Response Team (CERT), or Computer Security Incident Response Center (CSIRC), or a Cyber Security Operations Center (SOC) environment
Experience with anti-virus, intrusion detection systems, firewalls, Active Directory, vulnerability assessment tools and other security tools found in large network environments, along with experience working with Security Information and Event Management (SIEM) solutions
Solid working experience with security monitoring tools such as Splunk, RSA Netwitness (security analytics), Tanium, ForeScout or similar tools
Industry certification such as GIAC Certified Incident Handler (GCIH), GIAC Security Essentials Certification (GSEC), Security+, Certified Ethical Hacker (CEH), or Certified Information Systems Security Professional (CISSP)
COPYRIGHT WITCOM 2016. ALL RIGHTS RESERVED.