Security Operations Analyst
02 - 03 years
Sole US Citizenship
MD - Germantown
ActioNet is seeking a Cyber Security Operations Analyst in support of a Federal client's Enterprise Security Operations Center. The Analyst is responsible for the implementation, troubleshooting, and configuration changes to the security monitoring team (SMT) servers and appliances.
The analyst will manage incident response security-focused projects ensuring they are aligned with the approved organizational ITIL processes. In addition, the administrator will collaborate with other organizational teams to include Enterprise Incident Response Team, IJC3, Firewall teams, Network Operations, etc. to ensure successful cyber security tools integration.
•Management of incident response tools, including configuration changes, troubleshooting, software version upgrades, and patch management for IDS, SIEMs, security-related dashboards, etc.
•Provides Tier 2 support for security-related service requests
•Administers and reviews role-based access to organizational incident monitoring tools
•Administers incident response devices (e.g. VMs, appliances, central logging, and servers)
•Develops, updates and revises technical documentation and procedures.
•Participates as a member of the Cyber Security Incident Response Team
•Assesses incident response tools to ensure compliance with NIST 800-53 security controls requirements
•Conducts Network Security Monitoring as a part of an incident response team within a 24x7 security operation center
•Must be available for shift work with flexibility to cover both day and night time shifts
•US citizenship required with the ability to obtain and maintain a DOE Q Clearance
•Operating Systems (Windows, Linux, etc.) & Directory-Based Authentication (LDAP/AD)
•TCP/IP Networking and Network Devices
•Log and Netflow data
•Remote Access Technologies
•Intrusion Detection/Prevention systems
•Security /Network Monitoring Tools
•Common scripting languages (Visual Basic, PowerShell, BASH, Perl, Python, Regex) to parse logs and automate repeatable procedures
•Cyber security standards such as NIST SP 800-53 and NIST SP 800-61
•Incident Response Lifecycle activities
•Reads and analyzes PCAP data
•Strong analytical and problem solving skills
•Strong IT experience from multiple areas (System administration, networking, etc.)
•Clear and concise verbal and written communication skills
•Strong interpersonal skills
•Experience with network security monitoring tools:
•IDS / IPS tools: Snort
•Packet capturing tools: Solera / Wireshark
•McAfee Enterprise Security Manager
•Ability to participate in weekly Technical Review Boards (TRB) and Change Advisory Board (CAB) as required.
ActioNet has a mentor program designed to get you up to speed in your new job quickly...helping you succeed and grow with the company.
ActioNet Inc. is an Equal Opportunity/Affirmative Action Employer.