Security Analyst 3A (Contingent)
Shift is M-F 2:30 pm to 11:00 pm
The successful candidate will be responsible for maintaining signatures on the IDS infrastructure and responding to alerts that the sensors generate. Assist in the evaluation process if modifications to the encompassing IDS solution are needed.
Duties & Responsibilities
Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
Review all incoming IDS alerts and document all identified problems.
Analyze all levels of problems and document findings in accordance with procedures.
Identify and escalate priority problems.
Monitor and compile incident reports and perform quality assurance activities.
New Technology Support
Remain up to date on IDS-related technologies.
Intrusion Detection Maintenance Support
Identify newly discovered vulnerabilities and exploits.
Apply new intrusion detection signatures.
Some creation of custom signatures may be required.
Install updates on new signatures.
Document newly discovered vulnerabilities and updates in order to show accuracy of and turnaround for detection.
Provide diagnosis and possible remediation suggestions.
Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, and content filtering logs.
Identify possible intrusion attempts or other anomalies.
Filter non-threatening network traffic for enhanced reporting accuracy.
Manage a problem resolution process from initial reporting to resolution.
Make determinations of the operational impact of a particular threat.
Recommend immediate corrective actions to higher level network engineers.
Respond to new threats, initiate and assist in drafting remediation strategies.
Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems.
The ideal candidate is required to possess a working knowledge of IDS and the role such systems play in detecting intrusion attempts.
Experience creating custom intrusion signatures to detect specific network traffic anomalies is desired.
Requires comprehension of and experience with most viruses and worms which may infiltrate and propagate throughout a large network.
Experience populating sensors with newly available signatures when responding to events or management requests.
2 years of experience monitoring Intrusion Detection Systems.
Security+ certification is required.
Knowledge of IDS and the role such systems play in detecting intrusion attempts.
Experience with Snort, Dragon, ArcSight, Blue Coat Reporter and/or Sguil.
Selected candidate must be able to pass a background check and be eligible to receive a Public Trust level clearance. We will facilitate the clearance process, but the candidate will not be able to begin work until the clearance process is complete (generally 4-5 weeks).
BA/BS in Computer Science, Information Services or comparable discipline required, or demonstrated success with equivalent work experience.
Equivalent combination of knowledge and specialized experience may be acceptable in lieu of a degree.
The selected applicant will be subject to a background check and drug testing.
- Job Family Operations
- Job Function Computer Security Specialists
- Pay Type Hourly
- Durham, NC, USA