Published: September 18, 2023
• Background in information assurance, network security, computer information systems, computer science, or management information systems.
• Knowledge of and experience with anti-virus, intrusion detection systems, firewalls, Active Directory, vulnerability assessment tools and other security tools found in large network environments, along with experience working with Security Information and Event Management (SIEM) solutions.
• Understanding of common network services (DNS, web, mail, FTP, etc.), network vulnerabilities, and network attack patterns.
• Understanding of and familiarity with Security Information and Event Management (SIEM) systems.
• Familiarity with intrusion detection/prevention, firewalls, and anti-virus systems.
• Knowledge of and experience managing network protocols.
• Microsoft and Linux hosting and systems administration experience.
• The Cyber Threat Engineer will work on all systems and projects within the organization responsible for cyber security threat detection, using network- and host-based computer security tools, appliances and endpoint products.
• Analyze log files from all security systems, review and track triggered events, research current and emerging cyber threats, reconcile correlated security events, develop and modify new and existing correlation rule sets, and operate security equipment and technology.
• Document security incidents as defined in the incident response rules and escalate to management as required.
• Monitor key security infrastructure elements, identify security events, perform analysis, and initiate response activities.
• Perform packet analysis, identifying malformed packets and inspecting packet payloads.
• Integrate security products across all organizational networks, including designing, engineering, planning, configuring, testing and deploying them.
• Maintain system baselines and configuration-management items, including security event monitoring policies, as directed by program management.
• Provide documentation and work with other analysts and Operations and Maintenance (O&M) personnel to ensure a complete, functioning system that meets requirements.
• Perform software testing of patches and other updates.
• Troubleshoot OSI-layer and TCP/IP related problems.
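The correlation-rule duty above is easiest to picture with a concrete rule. The following is an added illustration, not code from the posting or the hiring organization: a small SIEM-style correlation rule (assumed here: five or more failed SSH logins from one source within 120 seconds followed by a successful login) run over constructed sshd log lines. The log lines, thresholds and the `correlate_bruteforce` / `parse_line` names are all assumptions for the demonstration.

```python
"""Added example: a SIEM-style correlation rule run over constructed log lines.

Assumptions (not from the job posting): sshd-style syslog auth lines, and a
brute-force rule of >= 5 failures from one source within 120 s followed by a
successful login from that same source.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log lines in syslog layout (no year) for the demonstration.
SAMPLE_LOG = """\
Sep 18 10:00:01 bastion sshd[2101]: Failed password for root from 203.0.113.5 port 51234 ssh2
Sep 18 10:00:03 bastion sshd[2102]: Failed password for root from 203.0.113.5 port 51235 ssh2
Sep 18 10:00:05 bastion sshd[2103]: Failed password for admin from 203.0.113.5 port 51236 ssh2
Sep 18 10:00:07 bastion sshd[2104]: Failed password for root from 203.0.113.5 port 51237 ssh2
Sep 18 10:00:09 bastion sshd[2105]: Failed password for root from 203.0.113.5 port 51238 ssh2
Sep 18 10:00:12 bastion sshd[2106]: Accepted password for root from 203.0.113.5 port 51239 ssh2
Sep 18 10:01:00 bastion sshd[2107]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Sep 18 10:01:30 bastion sshd[2108]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
Sep 18 10:02:00 bastion sshd[2109]: Failed password for bob from 192.0.2.9 port 40100 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>[0-9.]+) port \d+"
)


def parse_line(line, year=2023):
    """Return (timestamp, result, user, src) or None for lines the rule ignores.

    Syslog lines carry no year, so one is supplied (assumed 2023 here).
    """
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["src"]


def correlate_bruteforce(log_text, threshold=5, window_s=120):
    """Alert when a source accumulates >= threshold failures within a sliding
    window of window_s seconds and then logs a successful login.

    Returns a list of alert dicts; failures are tracked per source address.
    """
    failures = defaultdict(deque)  # src -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ts, result, user, src = rec
        q = failures[src]
        # Expire failures that have fallen out of the sliding window.
        while q and (ts - q[0]).total_seconds() > window_s:
            q.popleft()
        if result == "Failed":
            q.append(ts)
        elif len(q) >= threshold:
            alerts.append({"src": src, "user": user,
                           "failures": len(q), "at": ts.isoformat()})
            q.clear()  # one alert per burst, not one per later success
    return alerts


if __name__ == "__main__":
    for alert in correlate_bruteforce(SAMPLE_LOG):
        print("ALERT brute-force success:", alert)
```

Running it against the sample produces one alert for 203.0.113.5 (five failures, then an accepted login for root at 10:00:12); alice's single failure followed by a key-based login does not trip the rule, and bob's lone failure never reaches a success. Tuning the threshold and window is the "modify correlation rule sets" part of the job: a higher threshold suppresses the alert on this same input.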
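The packet-analysis duty (identifying malformed packets and extracting the payload) is shown below with a minimal IPv4/TCP sanity checker. This is an added example written for this page, not code from the posting or the hiring organization; the packets are constructed in the block itself, and the `build_ipv4_tcp` / `analyze` names and the set of checks (version, IHL, header checksum, total length, protocol, TCP data offset) are assumptions for the demonstration.

```python
"""Added example: minimal IPv4/TCP packet sanity check and payload extraction.

Assumptions (not from the job posting): raw IPv4-over-TCP bytes with no link
layer; the "good" and deliberately malformed packets below are constructed.
"""
import struct


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an IPv4 header.

    With the checksum field zeroed this yields the value to store; over a
    header that already contains a correct checksum it yields 0.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_tcp(src, dst, sport, dport, payload,
                   ihl=5, total_len=None, bad_csum=False):
    """Construct an IPv4+TCP packet; the keyword knobs deliberately malform it."""
    if total_len is None:
        total_len = 20 + 20 + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | ihl, 0, total_len, 0x1234, 0, 64, 6, 0,
                      bytes(map(int, src.split("."))),
                      bytes(map(int, dst.split("."))))
    csum = ip_checksum(hdr)
    if bad_csum:
        csum = (csum + 1) & 0xFFFF
    hdr = hdr[:10] + struct.pack("!H", csum) + hdr[12:]
    # TCP header: ports, seq, ack, data offset 5 (20 bytes), PSH|ACK, window.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return hdr + tcp + payload


def analyze(pkt: bytes):
    """Return ("ok", payload) or ("malformed", reason) for one IPv4/TCP packet."""
    if len(pkt) < 20:
        return "malformed", "shorter than minimal IPv4 header"
    ver_ihl, _, total_len, _, _, _, proto, _ = struct.unpack("!BBHHHBBH", pkt[:12])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4:
        return "malformed", f"IP version {ver_ihl >> 4}"
    if ihl < 20 or len(pkt) < ihl:
        return "malformed", f"IHL {ihl} inconsistent with buffer"
    if ip_checksum(pkt[:ihl]) != 0:
        return "malformed", "bad IPv4 header checksum"
    if total_len > len(pkt):
        return "malformed", f"total length {total_len} exceeds {len(pkt)} bytes on the wire"
    if proto != 6:
        return "malformed", f"protocol {proto} not TCP"
    tcp = pkt[ihl:total_len]  # trailing bytes beyond total_len are padding, ignored
    if len(tcp) < 20:
        return "malformed", "truncated TCP header"
    data_off = (tcp[12] >> 4) * 4
    if data_off < 20 or data_off > len(tcp):
        return "malformed", f"TCP data offset {data_off} out of range"
    return "ok", tcp[data_off:]


if __name__ == "__main__":
    good = build_ipv4_tcp("192.0.2.1", "198.51.100.2", 40000, 80, b"GET / HTTP/1.0\r\n\r\n")
    print(analyze(good))
    print(analyze(good[:30]))                      # cut short on the wire
    print(analyze(build_ipv4_tcp("192.0.2.1", "198.51.100.2", 40000, 80, b"x", ihl=15)))
```

Each check corresponds to a class of malformed traffic an analyst sees in practice: header fields that claim more bytes than arrived (truncation or crafted length fields), a header length that overruns the buffer, and a checksum that no longer matches its header. Only a packet that passes all of them has its payload handed on for content inspection.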