Employer: Create Account or Login
Sign In
 [New User? Sign Up]
Mobile Version

Cloud Security Analyst Job


Job Code:
Apply on the Company Site
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Cloud Security Analyst Job

Cloud Security Analyst Job

Date: May 27, 2018

Location: Fort Belvoir, VA, US

Company: SAIC

Cloud Security Analyst (Job Number:435479)


SAIC is looking for a Security Analyst who will perform:
- Perform security operations, security monitoring, firewall security management, intrusion detection services, NOC and SOC support, security vulnerability and penetration testing, and Security incident and audit management.
• The Security Analysis will also be responsible for IT and information security policies, system administration, network Security, firewall administration, proactive security problem solving: Performing implementation, maintenance, and integration of security devices; Monitor, investigate, detect, resolve, and remediate network attacks, threats, and security breaches; Providing network and system security 24x7 support leveraging many years of experienced gained in this field deploying and supporting Firewalls, IDS/IPS, Content Filters, and SIEM tools; Proactively find the root cause security and data breaches; Proactively meet all Service Level Agreements (SLAs) regarding customer security incidents, response time, notifications, and resolution.

Job Responsibilities:
- Perform security operations support including monitoring, remediation, implementation, configuration, planning, staffing, encryption, and tracking in compliance with security policies and other security-related statutes, regulations, rules, and standards
• Perform Network-Based and Host-Based Intrusion Detection Services and perform day-to-day secure operation of the customer-wide network
• Test the susceptibility of the customer network hosts to possible attacks and implement the customer security policies
• Conduct assessments of security controls, identify weaknesses, and track remediation activities
• Perform with Network Security Monitoring tools, network traffic analysis, and log analysis Static and dynamic malware analysis
• Recommend and implement best practices for firewall management compliance with the customer policies
• Perform network monitoring and intrusion detection analysis to determine attacks on the network
• Analyze network traffic and identify anomalies and information security controls for weaknesses
• Take mitigation actions to contain the attack activities and minimize damage when a malicious activity or attack has occurred on the network
• Conduct network and system audit activities, patch audit, and compliance scan. Conduct periodic network scans to find any vulnerabilities
• Monitor the customer networks and devices for security breaches, through the use of software that detects intrusions and anomalous system behavior
• Proactively respond and resolve incidents and change request using ServiceNow to minimize impact
• Monitor, investigate, detect, resolve, and remediate attacks, threats, and security breaches
• Perform periodic network and device scans to identify and remove vulnerabilities
• Use security tools in detection, prevention, analysis of security threats, and protection measures
• Understanding of current threats and trends in Information Security
• Have detailed technical knowledge of network and system operating system and network security in physical, virtual and cloud-based (AWS) implementations
- Initiate security incident response including tracking and recovery actions
• Perform information assurance certification and accreditation analysis, security assessments, and make recommendations to the Information System Security Managers to bring their systems into compliancy
• Conduct assessments of security controls, identify weaknesses, and track remediation activities
• Performing security analysis, forensic, and cybersecurity tasks and STIG procedures
• Install, monitor, and manage security devices, including firewalls, data encryption and other security products and procedures
• Ability to investigate any irregularities to determine if the networks have been compromised
• Monitor and detect security changes in network and server performance
• Detect and fix security issues in end-user devices, servers, networks, etc.
• Work and communicate to stakeholders the status of information security, inform of possible risks, and suggest ways to improve security
• Perform incident response, security infrastructure management or monitoring services, and digital forensics
• Perform penetration testing and simulating an attack on the system to find exploitable weaknesses
• Monitor and detect security policy/rules configuration changes as well as changes in the network and server performance
• On call 24x7x365 coverage in managing issues, on-call rotating scheduled shift

Required Education and Experience:
- Bachelor’s degree with 5 years recent related experience
- Hands-on experience in security systems, including endpoint security, vulnerability assessment and management, network security technologies such as firewalls and IPS/IPS, wireless network security, authentication systems, log management, and encryption
- Experience with assessments of security controls, identify weaknesses, and track remediation activities
- Hands-on experience with scanning devices for vulnerabilities according to compliance policies
- Experience with NESSUS Compliance Check Tools and Standards
- Experience with assessments of security controls, identify weaknesses, and track remediation activities
- Hands-on experience with scanning devices for vulnerabilities according to compliance policies
- Experience with packet capture and analyses for network troubleshooting and security
- Experience with packet capture tools, analyzing raw Ethernet packets content to see application status or wire activity
- Familiar with the implementation of ITIL and ITSM processes and functions implementation project
- Experience with installing, configuring, operating, troubleshooting, and maintaining network equipment including routers, switches, firewalls, applications optimizations, etc.
- Experience with NESSUS and Compliance Check Tools and Standards
- Experience with Splunk Application, “SPAN” or a mirror port, and the use of a dedicated packet mirroring switch or a device like a Gigamon
- Experience Network Security Monitoring tools, network traffic analysis, log analysis, Static and dynamic malware analysis
- Experience with Network and system audit activities, patch audit, and compliance scan
- Experience with vulnerability assessment tools and other security tools
- Experience performing assessments of security controls, identify weaknesses, and track remediation activities
- Experience with producing technical documentation, including change management documentation and diagrams (using Visio)
- Experience with SIEM, including event log analysis, log management, file integrity monitoring, and real-time event correlation, network device and server event log monitoring, Windows event log monitoring, and IIS log monitoring

Desired Experience/Skills/Attributes:
- Worked on complex problems where analysis of situations requires in-depth evaluation of factors
• Experience with programming/scripting languages
• CCNA Security
• Either has or be able to obtain a DoD Secret Clearance
• Experience with NIST SP 800-37 RMF and DIACAP C&A processes
• Knowledge of Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), and Computer Security Incident Response Center (CSIRC) project
• Log Forensic Analysis with EventLog Analyzer
• Syslog, log monitor and analysis tools
• Wireshark packet capture and Analyzer for instant network analysis
• Host- based security and forensic tools
• Security Infrastructure Service Monitoring and Digital Forensics tools
• Windows disk and memory forensics
• Unix or Linux disk and memory forensics
• Digital Forensics Framework
• Experience with NESSUS and Compliance Check Tools and Standards
• Knowledge of ITIL and ITSM processes, functions, implementation
• Experience with SNMPv3/v2/v1 network management tools, including NetFlow collectors, network management tools to include Cisco Prime Infrastructure, Cisco DCNM, HP Openview, What’s Up Gold, Remedy, ServiceNow, Gigamon, Solarwinds, etc.
• Experience working with Security Information and Event Management (SIEM) tools
• Knowledge of security standards and frameworks including NIST 800-53, NIST CSF, NIST 800-171, HIPAA, IEC 62443, IEC 80001, and/or ISO 27001
• Experience with Riverbed SteelCentral, the Gigamon Visibility, and Traffic filtering

SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC has approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com.

EOE AA M/F/Vet/Disability

Job Posting: Mar 30, 2018, 12:04:04 PM
Primary Location: United States-VA-FORT BELVOIR
Clearance Level Must Currently Possess: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No
Travel: None
Shift: Day Job
Schedule: Full-time

Nearest Major Market: Washington DC

Job Segment: Cloud, Engineer, Network, Cisco, Security, Technology, Engineering

Apply on the Company Site
Powered ByLogo

Featured Job

Featured Employer

© Adicio Inc.