- Investigate attacks against customer networks.
- Monitor and analyze log data, network traffic and/or alerts generated by a variety of security technologies in real-time; escalate and explain validated security incidents to customers.
- Write up security incident reports detailing the threat, its characteristics, and possible remediation activities.
- Research new threats and ensure appropriate detection capabilities are in place to identify and respond to these threats.
- Routinely review security incidents and other customer deliverables for adherence to the established procedures and guidelines. Document, rectify, and provide feedback to other analysts as necessary.
- Ensure the quality and timeliness of the security incident detection and classification service.
- Ensure standards and procedures are adhered to within defined SLAs.
- Articulate security issues to customers, both verbally and in writing.
- Refer difficult or complex issues to more experienced staff.
- Understanding of current vulnerabilities, attacks and countermeasures.
- Developing knowledge of security technologies, cyber-attacks and vulnerabilities.
- Identify opportunities for process improvement.
- Manage and track customer issues and requests.
- Work within a 24x7x365 team to further support the timely delivery of monitoring services and support across multiple customers.
- This position may be assigned to a rotating shift schedule.
- Support other teams as needed
- Minimum of 3 years’ experience in an operational environment, with customer-facing responsibilities.
- Minimum of 3 years’ experience in an information/cyber security role – ideally focused on intrusion detection/security monitoring and analysis.
- Minimum of 2 years’ experience understanding the cyber security threat landscape, including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods, and infection vectors.
- Minimum of 2 years’ experience in computer networking, including a detailed understanding of TCP/IP and other core Internet protocols.
- Minimum of 2 years’ experience with programming languages such as Python, Java, or C#, and the ability to automate basic tasks.
- Minimum of 1 year of experience applying technical and troubleshooting skills, with the ability to be dynamic and adapt in order to solve complex technical issues with customers and partners.
- Minimum of 2 years’ experience retrieving information and generating reports using SQL.
- Minimum of 2 years with one or more of the following certifications: SANS GCIA, SANS GCFA, SANS GCFE, OSCP.
- Strong customer service and interpersonal skills
- The ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Consistently high levels of teamwork and professionalism
- Passion for cyber security, learning, and knowledge sharing
- Strong troubleshooting skills with the ability to be dynamic and adapt in order to solve complex technical issues with customers and partners
Locations: DC - Washington