Cyber Security Mid Level Event Analyst (Job Number: 320873)
SAIC has a career opportunity for a Cyber Security Mid Level Event Analyst to support our customer in Reston, VA.
SAIC is looking for a seasoned and dynamic person to thrive in this mid-level analyst role, providing shift leadership and second-tier technical support to the 24x7x365 security operations centers. The technical aspect includes configuration management, analysis, interpretation and evaluation of threats, risks and vulnerabilities affecting various customers. The analyst also provides triage, response, and mitigation assistance when necessary and communicates with various customers on a regular basis.
The Mid Level Event Analyst is a key member of a 24/7 Network Security Operations Center (NOSC). The NOSC provides real-time (or near real-time) detection and reaction services for information security incidents within the organization's enterprise, so you should have a good understanding of computer information systems and their core technologies.
- Mentoring and oversight of junior analysts and peers
- Monitoring of security events in the SIEM, as well as other security feeds, and GSIRT communications (email, phone, chat, and other communications).
- Triage of incoming security events, perform preliminary and secondary analysis, validate events, and escalate to management if events warrant additional response action.
- Documenting event analysis and capture and analysis of artifacts in sufficient detail that the analysis process can be passed to other cyber security personnel. Analysis will be entered into the GSIRT ticketing system.
- Monitoring of security appliance health, basic troubleshooting of security devices, and notification of security engineering as necessary for malfunctioning equipment.
- Ticket review and quality control
- Resolve incidents/outages if possible
- Provide 24x7 operational support on a rotating/static shift schedule (including overnight shifts)
TYPICAL EDUCATION AND EXPERIENCE: Bachelor's degree or equivalent and 4+ years related experience.
Basic understanding of SIEM technologies (ArcSight, McAfee, etc.)
Enterprise-level experience performing incident triage, analysis, response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections
Ability to evaluate available information, identify information gaps, and recreate the incident timeline of event activity. Ability to cross-correlate and analyze log information, packet captures, security alerts, and artifacts to identify initial entry vectors, network traversal, and scope of malicious activity.
Intrusion Detection/Intrusion Prevention Systems (IDS/IPS)
Operating Systems: Strong understanding of Windows and Unix/Linux low-level operating system functionality
Networking: Strong understanding of enterprise-level networks, networking protocols, devices, and architecture
Communications: Ability to communicate effectively in a professional environment with executive-level and junior people; strong report writing skills. Experience working in an international environment.
Security+, Network+, CISSP or other industry standard certifications
SIEM (McAfee Nitro experience strongly preferred)
FireEye (Network Based Malware Detection)
McAfee ePO (Anti-Virus)
Language Capability: To best support Sony Group operations outside the US, bilingual personnel would be preferred. Ability to provide staff fluent in English and the following languages, in the following order of precedence would be preferred. Language capabilities of proposed candidates should be noted on their resumes.
SAIC is a FORTUNE 500® scientific, engineering, and technology applications company that uses its deep domain knowledge to solve problems of vital importance to the nation and the world, in national security, energy & environment, health and cybersecurity. The company's approximately 41,000 employees serve customers in the U.S. Department of Defense, the intelligence community, the U.S. Department of Homeland Security, other U.S. Government civil agencies and selected commercial markets. Headquartered in McLean, Va., SAIC had annual revenues of approximately $10.6 billion for its fiscal year ended January 31, 2012. For more information, visit www.saic.com. SAIC: From Science to Solutions®
Job Posting: Mar 19, 2013, 12:34:13 PM
Primary Location: United States-VA-RESTON
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Yes, 10% of the time
SAIC, Inc. is a provider of scientific, engineering, systems integration and technical services and solutions to all branches of the United...