Cyber Security Watch Positions/Security Engineer

Location: Washington, DC
Date Posted: 11-20-2017
We are seeking a Cyber Security Watch candidate for a full-time opening in Washington, DC. All applicants must be U.S. citizens with an active Top Secret clearance and the ability to obtain a Q/SCI.
PRIMARY RESPONSIBILITIES:
  • Serve as the Cybersecurity Watch Analyst responsible for analyzing information collected from a variety of sources to identify, analyze, and report on events to protect information systems and networks from threats.
  • Perform technical security activities to include:
    • Characterize and analyze security events to identify anomalous and potential threats to systems
    • Analyze identified malicious activity to determine exploitation methods and impacts
    • Triage intrusions, malware, and other cybersecurity threats
    • Document, track and escalate cybersecurity incidents
  • Comment on new ODNI/NIST standards and regulations as they apply to the client environment
  • Employ best practices when implementing security requirements within an information system. 
  • Participate in IC Community Shared Resources Working Group.
  • May serve as a technical team or task leader.
  • Maintains current knowledge of relevant technology as assigned.
  • Respond to cyber incidents as defined in DOE-IN Incident Response and local SOP.
  • Participates in special projects as required.
  • 12 years of cyber security experience with a Bachelor’s Degree in a technical field.
  • Desired Candidates have CISSP or other security certification.
  • Knowledge of common adversary tactics, techniques, and procedures.
  • Experience working in a SIEM, interpreting IDS alerts, and deriving context from event logs
  • Candidates must have the following experience and knowledge:
  • Knowledge of the IC and audit collection policies.
  • Possess effective interpersonal and presentation skills as he/she operates in a client-facing role.
  • Possess the ability to communicate in written and oral form. Publication or presentation experience is a plus.
  • Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures.
GENERAL CHARACTERISTICS:
  • Candidate will be a Proactive Self Starter
  • Candidate will Require Little to No Immediate Supervision or Day to Day Tasking
  • Candidate will Possess Excellent Decision Making Skills.
  • Candidate will Demonstrate Flexibility and Possess the Willingness to Support Shift Work if Needed.
  • Candidate will Possess Excellent ability to collaborate as a Team and Possess Excellent Interpersonal Skills.
  • Candidate will Possess Excellent Oral and Written Communication Skills and be able to Interact with Senior Levels of Management.
  • Possesses experience supporting the Intelligence Community (IC)
  • Experience analyzing host based security events and indicators
  • Experience analyzing network based security events and indicators
  • Experience working in a SOC and supporting incident response
  • Experience with supporting the Joint Worldwide Intelligence System (JWICS).
  • Knowledge of cloud architecture.
  • Knowledge of virtualization capabilities
CLEARANCE:
 Must possess an active TS clearance (SCI preferred) and ability to obtain a Q/SCI clearance. To ensure Q clearances are processed in a timely manner (3-6 months), candidates must be natural born citizens. It is recommended not to consider candidates with immediate family members that are not natural born citizens as the processing time will likely exceed 6 months. Immediate family members include parents, siblings, spouse/partner, children.
 