Federal SOC / Security Analyst (Splunk, IDS / IPS, SIEM, Incident) - Active Clearance - 99% Remote
Vacancy expired!
(Only W2 or 1099, no C2C, and must have Active Interim / Secret / TS clearance.)

Please note this position is with a Federal agency and requires an Active Secret, TS or Interim clearance. Candidates must be able to work on W2 due to the clearance requirement.

Location: Sterling, VA (Hybrid Schedule)
Work schedule & hours: Mon-Fri, 1 day onsite & 4 days telework from July - 8 hrs/day, shift starts from 6am / 7am / 9am / 11am.
Duration: 3+ years
Clearance: Must have Interim / Active Secret or TS.
Requirements: Key skill set (Splunk, SIEM, Incident response, IPS / IDS)

EXPERIENCE: Five (5) years of experience in IT and 3 years in Information System Security / Cyber Security / Computer Forensics, or Insider Threat. Work experience and knowledge in: network monitoring and intrusion detection using host-based and network-based intrusion detection systems (IDS) and log management applications; testing, installing, patching, and upgrading computer hardware and operating systems (Windows and UNIX) in an enterprise environment; identifying, collecting, processing, documenting, and reporting cyber security / incident response events; architecting, engineering, developing and implementing cyber security / incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications. Experience with SIEM tools, information system security, cyber security, computer forensics, insider threat, information certification & accreditation regulations, Federal standards, industry best practices and guidelines. Experience using SIEM tools like SourceFire, Splunk, NetWitness, Guidance Software, Digital Guardian, Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios, Intelliview, Nessus and Foundstone.

Education: BS/BA in Computer Science, Information Systems Engineering, Business, Physical Science, or other technology-related discipline.
EDUCATION SUBSTITUTION: Certificates such as Microsoft’s MCSE, or Cisco’s CCNA, CCDA or CCIE, may be considered equivalent to two (2) years of general experience / information technology experience. The CISSP certificate may be considered equivalent to two (2) years of information security experience.