• Must have an active, current DoD Top Secret clearance
• Ability to convey system risks, assessments and vulnerabilities to all technical levels, including administrative staff, management and subject-matter-expert technical staff
• Experience and/or familiarity with the following network protection devices and analysis areas: firewalls, intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, and network traffic flow and packet analysis, including:
- Modifying IDS signature thresholds and suppressions based on observed activity
- Writing, modifying and applying security policies and deploying them to specific sensors
• Experience with operation and maintenance of Information Assurance tools, including tuning, configuration and maintenance:
- Tuning signatures based on requirements, trend analysis and threat intelligence
- Deep-dive analysis of triggered events
- Writing searches
• Acts as SME for Windows platforms (knowledge of Linux, networking and databases would be beneficial)
• Past experience on a SOC/CIRT watch team
• Conduct Information Assurance vulnerability scanning, including ad hoc and specialized request scans; assist team members in reconciling results and report all findings
• Understanding and utilization of Splunk would be beneficial
• Understanding and utilization of HBSS/McAfee ePO to analyze risk assessments within the application and network
• Experience with the following:
◦ Firepower
◦ NetWitness
◦ Burp Suite Professional
◦ Imperva
◦ Splunk
◦ Metasploit Pro
◦ Nexpose
◦ Nessus
◦ RedSeal