SIEM Analyst 3 w/ TS/SCI
Mission Services | St. Louis, MO | Full Time
SIEM Analyst 3 w/ TS/SCI
Hours: This position is on a shift schedule, working a 2-2-3 Panama schedule
Required Clearance: Top Secret / SCI (CI Poly Preferred)
Required Certification: DoD 8570.01-M compliant at Management or Technical level II
Location: St. Louis, MO
Experience: 7-10 years within related field with minimum 4 years in SIEM tool analysis
Education: Bachelor’s Degree or Equivalent Experience within related field, or additional years of experience in lieu of degree
Position Description and Responsibilities:
- Conduct briefings to senior leadership, as required by the government.
- Conduct analysis for detecting and evaluating cyber events and/or intrusions.
- Monitor for potential compromise, intrusion, deficiency, significant event, or threat to the security posture and security baseline.
- Perform daily IDS and IPS analysis/monitoring and generating technical and executive summary reports.
- Conduct incident response IAW DoD/IC policy (Chairman of the Joint Chiefs Staff Manual/CJCSM 6510, Intelligence Community Standard/ICS 502, and industry best practices such as NIST Special Publication 800-61).
- Apply knowledge of information security services/analysis concepts, practices, and procedures.
- Research, design, develop, deploy, configure, administer, and maintain enterprise-wide Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Security Information/Event Management (SIEM) infrastructure.
- Conduct analyses of existing solutions to incorporate requested enhancements.
- Review/analyze requested changes for equipment, technology and/or other factors/trends, which may affect existing solution.
- Research current cyber events and/or intrusions for impact to customer systems.
- Implement government IDS and IPS design/deployment with government approval.
- Develop/write custom IDS and IPS signatures and update proprietary signatures with government approval.
- Develop SOP and other technical documentation for the IDS infrastructure IAW with current government policy.
- Consult with hardware, communications, database experts, and /or vendors to ensure system viability.
- Follow intrusion and escalation processes and procedures IAW with current government policy.
Experience in performing three or more areas information security compliance, risk management, security engineering, system certification, and IT operations security.
- Experience with Event and Incident Analysis.
- Experience with different reporting formats.
- Experience using Correlation Rules.
- Bachelor’s degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related academic disciplines of science, technology, engineering, or mathematics.
- ISC2 recognized professional certifications.
- Filtering of event data into dashboards.
- SIEM Content Engineering Experience.
- Demonstrated Experience in Cyber Intelligence briefing preparation and presentation.
EICORP is a leader in intelligence, surveillance and reconnaissance; advanced cyber solutions; cloud and managed IT solutions; engineering, and information-based solutions for law enforcement and homeland security. We provide training and logistics in support of readiness operations; and operational support services and solutions in support of organizations not limited to DHS, DoD, and the Intelligence Community (IC). We hire mission enablers whom reflect our communities and proactively embrace diversity and inclusion, in order to advance our corporate culture, develop our family of employees into the best they can be, and in turn grow our marketshare throughout industry.
EICORP is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.