Abile Headquarters

  • Cyber Defense Analysis Focused Operations Analyst (CSOC Sr)

    Job Location: US-VA-Springfield
    Posted Date: 3 days ago (8/16/2018 3:02 PM)
    Job ID: 2018-1132
    # of Openings: 2
    Category: Information Technology
  • Overview

    Abile Group has an exciting and challenging opportunity for a Focused Operations Analyst supporting an Intelligence Community Customer on an Enterprise Management and Cyber Security outsourcing contract.


    Abile Group, Inc. was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients. We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. Abile Group is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, veteran status, disability, or national origin.


    The right candidate will possess the following skills and capabilities and be ready to handle all responsibilities independently and professionally.

    Responsibilities

    • Analyze vulnerability assessment data to identify technical risks to the organization.
    • Communicate technical information to non-technical audiences, influencing others to comply with policies and conform to standards and best practices.
    • Monitor internal and external channels for new threats and exploits.
    • Assist in managing, planning, evaluating, and advocating for information security compliance systems, plans, and functions.
    • Support leadership in identifying capability gaps in vulnerability management services.
    • Maintain knowledge of current vulnerability and security trends and clearly communicate them to the client.
    • Develop action plans to mitigate and/or remediate threats.
    • Make recommendations, based on technical analysis, that reduce vulnerabilities and security deficiencies.

    Qualifications

    Clearance Required: TS/SCI

    Degree and Years of Experience: Bachelor's degree and at least 5 years of experience leading and managing large-scale IT projects with competing resources and project schedules.

    Shift: M-F 0600-1800 core hours

    Required Certifications: 8570 CND CSSP-IR (CEH Preferred)


    Required Skills:

    • Must have experience reading and analyzing packet traces and raw log dumps.
    • Must have experience creating digital forensics reports.
    • Must have experience performing advanced forensics collection techniques.
    • Must have working knowledge of reverse engineering techniques using debugging software, and of behavioral analysis techniques.
    • Must have working knowledge of how to parse multiple gigabytes of log data using native Unix/Linux command line tools.
    • Must have working knowledge of how to create and run scripts that collect and analyze logs.
    • Must have experience with and a thorough understanding of enterprise digital forensics concepts (including validation and sterilization), as well as true digital forensics beyond push-button examinations.
    • Must have experience thoroughly analyzing enterprise networks as well as performing dead-box forensics.
    • Must have experience thoroughly analyzing Linux/Unix/Windows operating systems.
    • Must have experience thoroughly analyzing TCP/IP traffic and PCAP captures.
    • Must possess excellent verbal and written communication skills and the ability to produce clear and thorough security incident reports and briefings.
    • Must possess a working knowledge of the various operating systems (e.g. Windows, OS X, Linux) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also required.
    • Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS).
    • Must have experience working with various event logging systems and be proficient in security event log review and analysis. Previous experience with Security Information and Event Management (SIEM) platforms such as ArcSight or Splunk, which perform log collection, analysis, correlation, and alerting, is also required.

    EMCSS 21010,21011,21012