IDS Network Security Analyst 3 w/ TS/SCI

Mission Services | Springfield, VA | Full Time

Job Description

Hours: This position is on a shift schedule, working a 2-2-3 Panama schedule

Required Clearance: Top Secret / SCI (CI Poly Preferred)

Required Certification: DoD 8570.01-M compliant at Management or Technical level II

Location: Springfield, VA

Experience: 7-10 years within related field with minimum 4 years in SIEM tool analysis

Education: Bachelor’s Degree or Equivalent Experience within related field, or additional years of experience in lieu of degree

Position Description and Responsibilities:

Information Assurance Specialist/Advisor to support the National Geospatial-Intelligence Agency (NGA). Develop security architectures and engineering system specifications. Conduct strategic planning and recommend implementation strategies. Advise and assist government on security and privacy policy, trusted product assessment, enterprise security engineering, secure systems management, penetration and exploitation, insider threat analysis and protection, cyber situation awareness, attack sensing and warning, secure wireless networking and mobile computing, secure operating systems, secure workstations, secure data management, secure web technology, secure protocols, and authentication.

  • Conduct analysis for detecting and evaluating cyber events and/or intrusions.
  • Conduct briefings to senior leadership, as required by the government.
  • Monitor for potential compromise, intrusion, deficiency, significant event or threat to the security posture and security baseline.
  • Perform daily IDS and IPS analysis/monitoring and generate technical and executive summary reports.
  • Conduct incident response IAW DoD/IC policy (Chairman of the Joint Chiefs of Staff Manual/CJCSM 6510, Intelligence Community Standard/ICS 502 and industry best practices such as NIST Special Publication 800-61).
  • Apply knowledge of information security services/analysis concepts, practices and procedures.
  • Research, design, develop, deploy, configure, administer, and maintain enterprise-wide Intrusion Detection System (IDS), Intrusion Prevention System (IPS) and Security Information/Event Management (SIEM) infrastructure.
  • Conduct analyses of existing solutions to incorporate requested enhancements.
  • Review/analyze requested changes for equipment, technology and/or other factors/trends that may impact the existing solution.
  • Research current cyber events and/or intrusions for impact to NGA systems.
  • Implement government IDS and IPS design/deployment with government approval.
  • Develop/write custom IDS and IPS signatures and update proprietary signatures with government approval.
  • Develop SOP and other technical documentation for the IDS infrastructure IAW current government policy.
  • Consult with hardware, communications, and database experts and/or vendors to ensure system viability.
  • Follow intrusion and escalation processes and procedures IAW current government policy.

Required Experience:

Experience in three or more of the following areas: information security compliance, risk management, security engineering, system certification, and IT operations security.

  • Sourcefire Certified Professional (SFCP) or Securing Cisco Networks with Sourcefire Intrusion Prevention System (SSFIPS).
  • Experience with Event and Incident Analysis.
  • Experience with different reporting formats.
  • Experience using Correlation Rules.

Desired Qualifications:

  • Bachelor’s degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related academic discipline of science, technology, engineering, or mathematics.
  • ISC2 recognized professional certifications.
  • Filtering of event data into dashboards.
  • SIEM Content Engineering Experience.
  • Demonstrated Experience in Cyber Intelligence briefing preparation and presentation.

About EICORP:

EICORP is a leader in intelligence, surveillance and reconnaissance; advanced cyber solutions; cloud and managed IT solutions; engineering; and information-based solutions for law enforcement and homeland security. We provide training and logistics in support of readiness operations, and operational support services and solutions in support of organizations not limited to DHS, DoD, and the Intelligence Community (IC). We hire mission enablers who reflect our communities and proactively embrace diversity and inclusion, in order to advance our corporate culture, develop our family of employees into the best they can be, and in turn grow our market share throughout industry.

EICORP is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.