Location: El Paso TX
Company Name: Abacus Technology
Occupational Category: 15-1199.08,Business Intelligence Analysts
Date Posted: 2020-02-10
Valid Through: 2020-03-11
Employment Type: FULL_TIME
Abacus Technology is seeking a Cyber Threat Analyst to provide technical support to the NEC at Fort Sam Houston. This is a full-time position.
Conduct security risk assessments and provide cyber security threat detection utilizing network and host- based computer security tools, appliances and end point products. Provide technical guidance and expertise in the areas of secure application development, security risk management and assessment, security policies and standards, security architectures and implementations, and effective security risk assessment practices. Maintain system baselines and configuration management items, including security event monitoring "policies" in a manner determined and agreed to by program management. Perform analysis of all security systems log files, review and keeps track of triggered events, research current and future cyber threats, reconcile correlated cyber security events, develop and modify new and current cyber security correlation rule sets, and operate security equipment and technology. Perform application and technology design reviews, security risk assessments, requirements analysis, security testing oversight, risk remediation planning, and security project management. Provide analysis on the development and integration of a security development lifecycle (SDL) to include secure development, testing, and configuration of application and web architectures. Implement, maintain and perform periodic compliance validations checks in accordance with DISA STIG and NIST SP-800.53 Risk Management Framework security controls for network infrastructures and components. Identify and remediate security vulnerabilities. Assist in the installation, maintenance, and usage of the organization's local area network. Assist in the establishment of network procedures regarding access methods and time, security validation checks, and documentation. Monitor and tracks continuity with software licensing and maintenance agreements. Troubleshoot network problems. Maintain access to classified COMSEC information, loading of COMSEC key, and/or Controlled Cryptographic Items (CCI) at Government work location only. Provide hand receipting for COMSEC material from a supporting government COMSEC Account Manager (CAM) as long as they meet the guidelines in AR 380-40.
8+ years experience in network and cyber security administration. Bachelor’s degree in a related field desired. Must be Security+ CE certified (or equivalent certification to meet DoD 8570 IAT II requirement). ArcSight administrator or analyst certification (HP ASE or ATP) required. Must obtain a DD 2501 (Courier Authorization Card) when handling COMSEC material and equipment. Experience with design and development of secure enterprise communications systems. Experience with the analysis, systems design, implementation and testing of secure enterprise information systems. Experience in Network Security with emphasis in design, implementation, operations and maintenance of a variety of security, security information and event management (SIEM) services, application and database servers, relevant network security appliances and Endpoint security products. Experience in documenting security incidents as identified in the incident response documentation and escalating to management as required. Experience performing packet analysis, identifying malformed packets and their payloads. Experience in integration of security products, including designs for all networks as well as designing, engineering, integrating, configuring, testing and deploying them. Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments. Experience working with Security Information and Event Management (SEIM) solutions. Technical experience in cyber security, information assurance, network security, computer information systems, computer science, or management information systems. Expert knowledge of firewalls, Intrusion Prevention Systems (IPS), and Virtual Private Network (VPN) technologies. Expert knowledge of encryption, anti-virus, and patch management technologies. Proficient in the installation, configuration, trouble shooting and optimization of Intrusion Detection Systems (IDSs), Intrusion Protection Systems (IPS) and network appliances designed to bolster defense of networks from unauthorized access or maneuver. Specific knowledge of the Firewall related technologies. Specific knowledge of the McAfee network and host-based IPS. Expert knowledge of various IP protocols and their behavior. Knowledge and experience communicating networking concepts to technical and non-technical personnel. Able to develop technical documents and produce system design documentation. Project a positive image and professional manner at all times; ability to work within the confines of a set time schedule. Familiar with AR 380-40, Chapter 6, Communication Security Incidents which identify reporting procedures for COMSEC incidents and be familiar with Appendix B, security classification guidelines. Must be a US citizen and hold a current Top Secret clearance.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.