Cyber Security Analyst
- McLean, VA
K3 Solutions, LLC (K3) is a leading technical solutions and services company, that offers a broad range of expertise in systems modernization efforts, applications support, and business process management services. Our collaborative approach, innovative solutions, and focus on adding value provides our clients with a cost-effective path to addressing, managing, and achieving all of their mission objectives and business goals.
Security Monitoring - Responsible for the security monitoring and reporting of IT system resources; Responding to and investigating incidents identified by SOC; Defining the monitored activities that are logged and monitored to detect abnormal or unusual activities that may need to be investigated; Providing 24x7 CSIRT response; Preparing management reports; Managing, maintaining, and updating supporting Security Monitoring technologies; Working with technology owners to ensure successful delivery and security of audit/log data.
-Analyze security data including intrusion detection system (IDS) events, system logs, Firewall Logs, network traffic analysis in response to security events and incidents;
-Implement new technologies / processes to support Information Security intrusion detection activities;
-Monitor security intelligence feeds and analyze impact to system infrastructure.
Intrusion Detection - Consult/Assist in the monitoring of network and host security infrastructure. Consult/Assist in the performance of impact assessments and validation of attacks (successful/unsuccessful) against the IT infrastructure; Assist in the design, deployment, and configuration of countermeasures as appropriate; Reviewing/identifying current vulnerabilities, attacks and appropriate countermeasures. Interface with other technology owners to ensure proper detection of potential security issues.
-Understand business impact of security incidents and recommend corrective or preventative action.
Vulnerability Management - Collect vulnerability and threat information from vendors, researchers, and other sources; Perform correlation of threat/vulnerability sources to provide recommendation on potential actions and assessment of overall security threat posture.
Incident Management - Conduct Information Security Investigations/Forensics analysis; Participate in Computer Security Incident Response teams.
-Collect, preserve, and analyze computer evidence in support of Information Security investigations / Incident Response process.
MUST BE STRONG with EnCase
Skill level: Senior (7+ yrs.)
Previous Security Operations Center (SOC) experience
-Prior Forensic Analysis experience preferred. Experience using EnCase Forensics, FTK, Helix, and other open source tools a plus.
-Must be able to work independently and in a team environment
Finance and /or Mortgage experience required
-4-year degree in Information Security, Computer Science, Information Technology, Management Information Systems or equivalent work experience
-GSEC, GCIH, CCNA, CISSP or similar security related industry certification
-Experience in system administration/security administration of multiple platforms and operating systems such as Solaris/AIX/Linux and Microsoft Windows Server
-Demonstrated knowledge of network security, protocols, architecture and packet analysis
-Strong knowledge of malware and anti-malware tools
-Experience with the following security technologies is required: Intrusion Detection Systems (IDS), Vulnerability Scanners, Forensics Tools, Malware Analysis tools, Log Collection systems, SIEMs, Data Loss Prevention and End Point Solutions.
-Strong technical analysis writing and communication skills
Security Clearance Requirement
Email your resume to email@example.com.