
Senior IT Security Engineer -SOC (FM348)

Company Name:
Radiant Systems Inc
Senior IT Security Engineer (SOC) (FM348)
Location: Oakton, VA 22124
Duration: 1 Year Contract
Job Description:
U.S. Citizenship
Working hours: 12 hr schedule (11am to 11pm or 11pm to 11am)
Provide hands-on IDS analyst duties in a SOC (federal preferred) environment for a Federal Agency.
Summary Requirement:
Experience performing recent hands-on IDS analyst duties in a SOC (federal preferred) environment (operational and technical with security analysis) is required and critical!
5 years of threat management experience in a security operations environment
2 years as a level 3 SOC analyst performing security event and correlation monitoring
Firm understanding of incident response, signature tuning, and network protocols; web server defense; how attackers generate the traffic; solid knowledge of DNS and how it works; TCP headers; web attack vectors and malware analysis.
Strong background in in-depth analysis of security events and the ability to triage security events to determine which are real incidents.
Network Topology:
Quickly understand network routes taken by various assets in use on the networks
Firm understanding of security zones, VLANs, or interface context as associated with the networks
Intrusion Prevention:
Detecting and blocking malicious network traffic
Signature tuning
False positive reduction
TCP/IP manipulations
Understanding of evasion strategies
Detecting various attack vectors
Email security techniques
Data recovery techniques
Timestamp & File system analysis
Log parsing and correlation
Event Analysis:
Determine the purpose and/or outcome of security events as they are observed in the logs and perform discovery on activity events
Ability to analyze and report on packet captures
Solid knowledge of Windows and Linux operating systems; ability to create virtual sandboxes and write minor shell scripts or VB/Access tooling to support data extraction, correlation, and discovery
Network Forensics:
Firm understanding of network and operating system forensics
Chain of Custody and evidence collection
Identify malware and suspicious activity patterns in firewall, router, and server logs when an IPS has not detected the activity (ingress and egress)
Review IPS event activities
Interpret format, syntax, and contexts used within Cisco firewall ACL configuration files
Report risks and security events related to malicious activity which may be dropped at the router interface before reaching further defense-in-depth controls
Training:
Train customer personnel
Required Intrusion Prevention Systems Experience: SourceFire, Cisco and Enterasys
Required Security Information and Event Management (SIEM) Experience: Trustwave and ArcSight SIEM
Skill Matrix:
1) Network Protocols - Expert - Required
2) Hands-on IDS Analyst Engineering - Expert - Required
3) Must Pass Public Trust - Expert - Required
4) Incident Response - Expert - Required
5) Security Event and Correlation Monitoring - Intermediate - Required
6) 5 Years Threat Management Experience in Security - Intermediate - Required
7) Web Attack Causes and Approaches - Intermediate - Required
8) Signature Tuning - Intermediate - Required
9) SOC Environment IDS Analyst - Intermediate - Desired
Interested candidates can forward their resume to or reach me at 908-279-8899 x443
