Intrusion Detection Analysis (IDA) Security Specialist
Networking | Hybrid in Scott Air Force Base, IL | Full Time
About Us: Innovating to solve real-world problems
Applied Insight enhances the ability of federal government customers to preserve national security, deliver justice and serve the public with advanced technologies and quality analysis. We work closely with agencies and industry to overcome technical and cultural hurdles to innovation, empowering them with the latest end-to-end cloud infrastructure, big data and cyber capabilities. Our expertise in cross-domain and boundary solutions, network analytics, DevOps and low-to-high development is unique in our industry. We develop and deliver innovative products and applications that are deployed in highly sensitive customer environments and have broad applications for federal missions.
On joining the Applied Insight team, you’ll be working to solve real-world problems on missions that matter with people who share your passions and encourage your ambition. It’s vital to us that we hire committed people who are great at what they do. We return that commitment by empowering them with the autonomy, the support and the tools they need to fulfill their true potential.
A day in the life (just a few of the things you may do on any given day):
As a SOC Network Monitoring Analyst:
You will provide operational and technical Subject Matter Expertise (SME) in direct support of multiple systems where the Enterprise Security Services (ESS) team is responsible for ensuring security principles, procedures, and practices under the Risk Management Framework (RMF) are applied to solutions for the United States Transportation Command (USTRANSCOM).
You will excel in this role if you are:
We are seeking a diligent and proactive SOC Network Monitoring Analyst to join our 24/7 Security Operations Center (SOC). The ideal candidate will have a robust understanding of cybersecurity principles and hands-on experience with Splunk, Splunk Enterprise Security (ES), and Splunk User Behavior Analytics (UBA). This role requires round-the-clock monitoring of our mission-critical environment to ensure the integrity, confidentiality, and availability of our services through real-time alerting and rapid response to potential threats.
- Provide continuous monitoring and analysis of network traffic and system alerts to identify and combat malicious activities in real-time.
- Utilize Splunk, Splunk ES, and Splunk UBA for event correlation, data analysis, and the generation of actionable insights.
- Develop and refine SOC monitoring policies, procedures, and documentation to enhance incident detection and response capabilities.
- Perform security event and incident correlation using information gathered from a variety of sources within the enterprise.
- Conduct initial triage and categorization of potential incidents and escalate according to established procedures.
- Participate in the development and tuning of SIEM rulesets, dashboards, and reports to improve monitoring and visibility.
- Collaborate with incident responders to ensure rapid resolution of security incidents.
- Participate in after-action reviews and contribute to continuous improvement of security monitoring and response processes.
- Stay up to date with current vulnerabilities, attacks, and countermeasures.
- Perform other duties as assigned.
What we are expecting from you (i.e. the qualifications you must have):
- Current Secret or TS/SCI security clearance.
- Bachelor’s degree in information security, Computer Science, or a related field, or equivalent work experience.
- Minimum of 3 years of experience in a security operations center or network operations center environment.
- Active CompTIA Security+ (DoD 8570.01-M IA Level II certification) together with CompTIA PenTest+ or CompTIA CySA+.
- Demonstrated experience with Splunk, including dashboard creation, reporting, and alerting.
- Working knowledge of Splunk ES and UBA for advanced threat detection and analytics.
- Ability to work in a fast-paced, 24/7 operation, with flexibility to cover various shifts.
- Ability to work independently or with a team (as needed).
- Must successfully pass a background check and any additional customer background investigation requirements prior to employment.
What we are desiring from you (i.e. the nice-to-have qualifications):
- Certifications in cybersecurity (e.g., CEH, CISSP, or equivalent).
- Experience in a Cyber Security Service Provider (CSSP) environment.
- Experience with network analysis tools and understanding of network protocols.
- Familiarity with incident response and handling methodologies.
- Excellent problem-solving skills and the ability to work under pressure.
- Strong communication and collaboration skills.
- Active security clearance or the ability to obtain one.
- Experience with working on a timeline and providing weekly/monthly/quarterly updates as required.
- Working knowledge of Microsoft Office products.
What we will provide in return: Excellent compensation and amazing benefits
- Multiple health insurance options which include a PPO plan with ZERO deductibles and an HSA plan.
- 401k Immediate Vesting. Company matches 100% of the first 3% contributed and 50% of the next 2% contributed.
- Fully paid long-term disability, short-term disability, and life insurance.
- Flexible Spending Account options.
- Generous paid time off.
- Flexible work schedules with the ability to bank extra hours for additional time off.
- Government shutdown protection where employees don't have to use leave for up to 3 days out of the year for inclement weather or budget issues.
- Employee-centric culture and a belief that we should empower those who are good at what they do and then give them the tools they need to achieve success and grow their careers.
- A commitment to learning and growth, with easy ways to achieve both, including a training budget, education assistance, mentorship programs and collaborative learning sessions.
- A collaborative environment that fosters communication and an open-door policy.
Applied Insight provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to actual or perceived race, creed, color, religion, alienage or national origin, ancestry, age, disability or handicap, sex, veteran status, sexual orientation, gender identity or expression, genetic information, or any other characteristic protected by applicable federal, state or local laws.