Knowledge and skills are needed in the areas of security analysis, security engineering, and conducting incident response & investigations.  A wide range of knowledge and skills are needed such as: • Provide support to a Security Operations Center in the detection, response, mitigation, and reporting of cyber threats affecting client networks • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations • Provide analysis for correlated information sources and produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk • Provide support configuring and managing SIEMs, Firewalls, NIDS and HIDS, Proxies, and Active Directory (Group Policy) • Provide TIC Architecture engineering support • Provide Vulnerability Management Program support • Manage Internal Networks/Systems • Support a customer assistance program (i.e. assisting various internal customers with resolution of technical and security issues, etc). • Provide support with secure network planning, deployment, and management • Facilitate the customer’s posturing itself to aggressively investigate cyber activity targeting customer information and its information infrastructure • Support customer’s Cyber Threat Working Groups • Assist  the customer training department in the education of staff on the cyber threat

  1+ years as a senior engineer performing IDS/audit analysis; 3+ years performing vulnerability assessments and penetration testing; and 5+ years in an Information Security related field. A bachelor’s degree is required however 8 or more years of hands-on analysis and engineering experience would be equivalent.  Technical certifications are a plus. Must have the ability to work in a team environment and possess knowledge in the following areas: Current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks Current experience with network intrusion detection and response operations Experience with devices/utilities such as ArcSight, RSA Envision, NetWitness, Solera Networks, ISS Site Protector, SourceFire, SNORT, Dragon IDS, WebSense, IronPorts, Bluecoats, Cisco PIX/ASA firewalls, Cisco ACS, Cisco NAC, and Remedy is a plus Prior experience working in one of the following highly desired: Security Operations Center (SOC/NOSC) Computer Emergency Response Team (CERT/CIRT) DOD/FED Cyber Intel organization DCIO/MCIO, with Cyber Counterintelligence focus