Job Detail
Title: Senior IDS Analyst
Location: Northern Virginia
Clearance: TS/SCI with Full Scope Polygraph clearance required.
Job Description
Program-Project Description:
They are looking for a Senior Analyst to come in and help in detecting malware attacks on their multiple networks. The program calls for support between the hours of 6am to 6pm. The program is broken down into four functional areas: O&M, IDS Analysis, Systems Engineering and InfoSec Engineering. They do Computer Forensics, IDS, ADS, APS, etc. and see close to 40 million hits daily. It is a very fast-paced environment and each of the 20 people on the program wears many different hats. The candidate will be expected to roll up their sleeves and help with vulnerability analysis, network engineering concepts, information security, concepts of computer malware infection rates and types, investigation of infection impacts and reporting results. They will also be expected to evaluate, interpret, verify, and authenticate proper use of customer network resources in support of a 24/7 operations center, and will develop and submit reports concerning irregular network activity. They will also formulate and coordinate responses to identified anomalous activity on customer networks. They will review system logs in support of analysis activities, and will perform functional analysis and timeline analysis.

Day-to-Day Responsibilities:
§ Perform Tier 1 real-time monitoring and reporting of IDS systems, including:
  · Correlate data from IDS (Intrusion Detection Systems) with other sources such as firewalls, anomaly detection systems (ADS) and netflow logs.
  · Maintain IDS signatures and policies.
  · Provide daily/weekly/monthly IDS reporting as required.
§ Produce reports identifying significant or suspicious security events.
§ Maintain knowledge of current security threat levels by monitoring both open-source and classified intelligence sources.
§ Be able to modify/add custom IDS policies and signatures to account for lack of monitoring in threat areas as warranted by threat changes, such as zero-day attacks. This includes the use of SNORT and TRONS rules.
§ Identify misuse, malware, or unauthorized activity on monitored networks.
§ Provide on-call support after business hours subject to the following guidelines:
  · An individual who is “on call” is expected to carry a duty pager one week out of every six weeks.

Skills Inventory:
Essential:
BS Computer Engineering, Information Systems or equivalent, or 8 years of experience in lieu of a degree.
At least 5 years of prior analysis or other information assurance experience if degreed, 13 years if non-degreed.
IDS SIM tools (ArcSight, TCPDump, SNORT, Ethereal/Wireshark, network sniffers)
Written and oral skills
Microsoft Office suite
Detail oriented
CCNA or demonstrated equivalent knowledge of internetworking.
Contact Information
Contact Email: careers
signaturegs.com
Please send us an email with your resume attached in Word format.
Originally posted at http://signaturegs.com/?q=node/33