Cyber Security and Incident Response Specialist
Designed by analysts but built for the entire team (security operations, threat intelligence, incident response and security leadership), ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Founded in 2011, the company started servicing government agencies on specialized cybersecurity contracts while building its platform. Officially launched in 2013, the ThreatConnect Platform has grown to more than 20,000 users worldwide. Whether you want to work on building a world-class security platform or as a member of the services team, you will enjoy a career that truly makes an impact. For more information on the benefits of working at ThreatConnect, visit www.threatconnect.com/careers
ThreatConnect is looking for highly motivated and experienced analysts with currently active U.S. Government Top Secret security clearances to fill positions on government contracts within the DC/NoVA/MD region. If you are sought after as an expert in your field and looking for a company that will both value and reward your expertise, take a look at what ThreatConnect has to offer.
As a Network Security and Incident Response Specialist, you will support a high-profile government client's cyber security efforts. Specifically, you will identify, detect and remediate cyber intrusions through analysis of network and host-based artifacts. Key responsibilities and duties for this position include:
1. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
2. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary
3. Evaluate firewall change requests and assess organizational risk.
4. Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
5. Assist with implementation of counter-measures or mitigating controls.
6. Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
7. Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
8. Prepare incident reports of analysis methodology and results.
9. Maintain current knowledge of relevant technology as assigned.
10. Participate in special projects as required.
11. Responsible for the analysis and triage of network anomalies that should be considered Events of Interest (EOI). Will provide a basic assessment of the anomaly, designate it as an EOI, and coordinate the response with the CND response team.
12. Responsible for escalating EOIs to Responders in a timely manner, with all required information to ensure the response team may act upon it accordingly.
13. Must have a good understanding of networks at a packet level. Must be able to analyze packet captures at the expert level.
14. Must have experience using CND tools to detect network attacks; these tools are:
- Enterprise Security Information and Event Management Systems (SIEM).
- Intrusion detection and prevention systems (IDS; IPS).
- Web Content monitoring systems (WebSense; Bluecoat).
- Firewall and syslog logs.
15. Assist with implementation of counter-measures or mitigating controls. Must be able to review multiple data sources to gather Indications and Warnings and Attack Sensing and Warnings information.
- 10 Paid Federal Holidays
- Accrued Paid Time Off (PTO) for vacation/sick time
- Your birthday off
- Employee recognition program with quarterly awards
- Employee referral program
- Military leave options available
- Education reimbursement program for job-related college courses and professional training
- Company-provided refreshments at our headquarters
- Quarterly events with your geographic team
- Annual company party
- MEDICAL PREMIUMS FOR INDIVIDUALS AND FAMILIES ARE 100% COVERED
- Prescription drug coverage
- Dental coverage
- Vision coverage
- Company-paid short term and long term disability
- Company-paid insurance and AD&D coverage
- 401K retirement savings plan with company matching program up to 6%
- Health Savings Account
- Flexible Spending Accounts (medical, dependent care, transit and parking)
- Cell phone stipend