Senior Cybersecurity / Vulnerability Analyst
| Published | May 20, 2020 |
| Location | Santa Ana, CA |
| Category | Default |
| Job Type | Full-time |
Description
Description
Summary:
This position will be responsible for Cyber Intelligence and Vulnerability Assessment for the 24/7 Security Operations Center (SOC). The candidate must have a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and at least 5 years’ experience including experience in collecting, synthesizing, fusing, or authoring unclassified and classified cyber threat intelligence products as well as experience in vulnerability assessment and penetration testing.
Job Specific Responsibilities:
• Develop moderately complex security designs and test plans using existing technology.
• Perform and document root cause analysis for security incidents.
• Perform and document vulnerability analyses
• Develop cyber security analytics and threat intelligence using multiple data sources provided to the Security Information and Event Management (SIEM) system.
• Work closely with the SAIC CISO to identify and recommend process and system improvements to the security program.
• Create relevant documentation and recommendations for changes to the current security architecture.
• Drive the capabilities and execution to effectively optimize and improve enterprise security.
• Demonstrate expert level knowledge of security services and implementations.
• Investigate, positively identify, and document anomalous events and incidents that are escalated by Tier 1 engineers.
• Document and escalate appropriate events and incidents to Tier 3 engineer.
• Examine cyber adversary techniques in order to develop defensive methodologies.
• Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SOC.
• Conduct vulnerability assessments and recommend remediation and mitigation strategies and implementations to ensure effective achievement of the organizational objectives.
• Provide support for security incidents throughout the incident lifecycle as needed and make recommendations to ensure enterprise infrastructure is protected.
• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Work with the SAIC CISO to develop a metrics program to report on overall SOC performance and effectiveness.
VENDORS/TOOLS/MANAGEMENT SYTEMS
• Wireshark
• LogRhythm
• ServiceNow
• Keylight
• Nessus/Tenable
• Microsoft Exchange and Microsoft Exchange Online Protection
• Sourcefire
• Cylance
• Zscaler
• Data Loss Prevention
Qualifications
REQUIRED QUALIFICATIONS & EXPERIENCE
• Bachelor degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and a minimum of five years of experience in Cyber Security.
• Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
• Demonstrated Experience with Cyber Intelligence & Vulnerability Assessment including expert experience in at least two of the following areas:
(a) Vulnerability Assessment;
(b) Intrusion Prevention and Detection;
(c) Access Control and Authorization;
(d) Policy Enforcement;
(e) Application Security;
(f) Protocol Analysis;
(g) Firewall Management;
(h) Incident Response;
(i) Encryption;
(j) Web‐filtering;
(k) Advanced Threat Protection
KEY REQUIREMENTS
• Security+ and/or CySA, plus CCNA Certification,
• Experience with Nessus vulnerability scanning
• Experience with Security Information and Event Management Tools (LogRhythm).
• Experience with vulnerability assessment tools (Nessus).
• Experience writing moderately complex scripts.
• Understanding of networking concepts and technologies including TCP/IP, Routing, Switching, NAT, OSI Model, etc.
• Ability to manage multiple projects and multiple deadlines in an organized fashion.
• Understanding of advanced data analysis and management concepts.
• Technical writing abilities to author technical and management risk reports.
DESIRED QUALIFICATIONS & EXPERIENCE
• Certified Information Systems Security Professional (CISSP)
• CCNP/CCDP
• SANS/GIAC certifications
• Cisco WLAN certification
• Experience in Information Assurance Policy and Guidelines
• NIST Special Publication 800-53
• NIST Cybersecurity Framework
• ITIL Foundation Level or higher Certification
Overview
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability