Security Analyst 3A (Contingent)

Durham, NC, USA Req #200
Thursday, November 12, 2020

Job Summary

Shift is M-F, 2:30 pm to 11:00 pm.

The successful candidate will be responsible for maintaining signatures on the IDS infrastructure and responding to alerts that the sensors generate. Assist in the evaluation process if modifications to the encompassing IDS solution are needed.

Duties & Responsibilities

  • Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.

  • Review all incoming IDS alerts and document all identified problems.

  • Analyze all levels of problems and document findings in accordance with procedures.

  • Identify and escalate priority problems.

  • Monitor and compile incident reports and perform quality assurance activities.

  • New Technology Support

  • Remain up to date on IDS-related technologies.

  • Intrusion Detection Maintenance Support

  • Identify newly discovered vulnerabilities and exploits.

  • Apply new intrusion detection signatures.

  • Some creation of custom signatures may be required.

  • Install updates on new signatures.

  • Document newly discovered vulnerabilities and updates in order to show accuracy of and turnaround for detection.

  • Provide diagnosis and possible remediation suggestions.

Data Analysis

  • Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, and content filtering logs.

  • Identify possible intrusion attempts or other anomalies.

  • Filter non-threatening network traffic for enhanced reporting accuracy.

  • Manage a problem resolution process from initial reporting to resolution.

  • Make determinations of the operational impact of a particular threat.

  • Recommend immediate corrective actions to higher level network engineers.

  • Respond to new threats, initiate and assist in drafting remediation strategies.

  • Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems.

Minimum Requirements

  • The ideal candidate is required to possess a working knowledge of IDS and the role such systems play in detecting intrusion attempts.

  • Experience creating custom intrusion signatures to detect specific network traffic anomalies is desired.

  • Requires comprehension of and experience with most viruses and worms which may infiltrate and propagate throughout a large network.

  • Experience populating sensors with newly available signatures when responding to events or management requests.

  • 2 years of experience monitoring Intrusion Detection Systems.

  • Security+ certification is required.

  • Knowledge of IDS and the role such systems play in detecting intrusion attempts.

  • Experience with Snort, Dragon, ArcSight, Blue Coat Reporter and/or Sguil.

  • Selected candidate must be able to pass a background check and be eligible to receive a Public Trust level clearance. We will facilitate the clearance process, but the candidate will not be able to begin work until the clearance process is complete (generally 4-5 weeks).

Preferred Requirements

  • BA/BS in Computer Science, Information Services or comparable discipline required or demonstrated success with equivalent work experience.

  • Equivalent combination of knowledge and specialized experience may be acceptable in lieu of a degree.

**The selected applicant will be subject to a background check and drug testing.

VSE is an Equal Opportunity/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, gender, age, national origin, disability, Protected Veteran status, sexual orientation, or any other characteristic protected by federal, state or local law.

Other details

  • Job Family Operations
  • Job Function Computer Security Specialists
  • Pay Type Hourly
  • Durham, NC, USA