DMV Capital TechSearch
- Perform analysis on network activity data, including network flow logs, signature-based IDS/IPS alerts and event data, and all other relevant network and system-related data.
- Troubleshoot alerts, interface with Cyber/IA compliance team on policy, identify the possibility of system infection, compromises, or high-risk exposure. Prepare detailed analysis reports.
- Analyze large volumes of network flow data looking for specific patterns/characteristics or general anomalies
- Find trends and correlate data from several sources for reporting regarding enterprise-wide network activity.
- Develop and implement custom scripts to automate data-parsing and simple analytics.
- Create reports on key events and findings
- Work with Cyber/IA team to identify indicators from cyber threat intelligence sources, incident reporting, and published technical advisories and bulletins.
- Experience with ELK and rule creation.
- US citizenship is required, with the ability to obtain a security clearance
- Bachelor’s Degree in Computer Science or a related technical field and a minimum of 5 years related technical work experience
- Working knowledge of security concepts and analysis tools
- Working knowledge of networking concepts and architectures.
- Awareness of the common cyber products and services and their features and limitations.
- Ability to work and produce results in an agile and fast-paced environment with dynamic deadlines.
- Experience working within the Federal government and/or DoD
- Familiarity with incident response products and best practices.