Intrusion Detection Analyst

2 days ago


Washington, United States Tyto Athene, LLC Full time

Tyto Athene is searching for an Intrusion Detection Analyst to support our customer in Washington, DC.



Responsibilities:

  • Accurately review, annotate, and resolve security incidents tasked by the Intrusion Detection Team, Watch Officer, SOC management or other SOC teams 24 hours a day, 7 days a week, which is subject to change based on AOUSC needs.
  • Conduct Incident Triage to prioritize newly identified security incidents for follow-on action. Identify all relevant data sources for initial collection to determine prioritization and resource application based on the criticality of the incident. Conduct immediate actions to evaluate and contain threats as necessary in accordance with the Judiciary Security Operations Center Incident Response Plan (JSOCIRP), Incident Response Operations Guide, and any other published SOC operations guides and manuals. Please see SLA SOC3.
  • Perform deep dive analysis (manual and automated) of malicious links and files.
  • Ensure efficient configuration and content tuning of shared SOC security tools to eliminate or significantly reduce false alert events.
  • Provide an Executive Summary in accordance with the IDT Operations Guide.
  • Provide 5W briefing slides for each event for leadership briefing.
  • Provide on demand time/trend/event based metric reports for SOC management.
  • Provide clear and actionable event notifications to customers. Notifications to customers will be clear and provide sufficient detail for a mid-level system or network administrator to understand what has occurred and what needs to take place to remediate the event.
  • Coordinate and provide direct support to local incident responders at the circuit, local court unit and program office levels. Provide notifications, guidance and end-to-end incident response support to local incident responders to ensure the appropriate actions are properly taken to detect, contain, eradicate and recover from identified security incidents. Coordinate with various other SOC teams to leverage the appropriate resources to enable local incident responders. Participate in course of action (COA) development and execution as necessary.
  • Document all communications and actions taken in response to assigned incidents in the SOC ticketing system. Ensure tickets are properly updated in a timely manner and all artifacts are included. Escalate any concerns or requests through the Contractor management as necessary.
  • Directly support the Judiciary Special Tactics and Active Response (JSTAR) team and provide incident response support for critical security incidents as they arise.
  • Perform appropriate escalation for events, notifications, and customer non-responsiveness. Contractors shall track all notifications in the SOC ticketing system and escalate tickets to Watch Officers or SOC management in cases where the customer is non-responsive or requires clarification that is outside the scope of normal operations. Contractors will be familiar with the JSOCIRP escalation and reporting procedures.
  • Continuously review and update the Incident Handlers (IH) Guide and provide recommendations to annual updates for the JSOCIRP. All SOPs and Op Guides are federal government property. Contract staff provide recommendations in draft form for federal management review, approval and adoption.
  • Incident Responders must be able to perform the tasks and meet the skills, knowledge and abilities described in NIST Special Publication 800-181, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, for the role of Cyber Defense Incident Responder.



Required:

  • 6 years of security intrusion detection examination experience involving a range of security technologies that produce logging data, to include wide area networks, host and network IPS/IDS/HIPS traffic event review, web server log analysis, and raw data logs.
  • Ability to communicate clearly both orally and in writing.
  • Working experience with Splunk SIEM.
  • At least three years of experience working at a senior level in SIEM environments, performing analytic examination of logs and console events and building advanced queries in Splunk or advanced grep searches, reviewing firewall ACLs, examining Snort-based IDS events and pcaps, and reviewing web server logs.



Education/Certifications:

  • Bachelor’s degree in Information Systems, Computer Science or a related field is preferred.
  • Splunk Fundamentals I & II certification.



Clearance Requirement:

  • Public Trust



Location: This role is on-site in Washington, DC



Hours of Operation/Shift:

  • Sat-Sun (7:00 AM - 7:30 PM) and Tue-Wed (3:00 PM - 11:30 PM)

