Junior Cyber Security Analyst - 3331

MSI is seeking a Junior Cyber Security Analyst to support our government client in Arlington, Va.


Overview:

The Junior Cyber Security Analyst acts as primary contact for the initial intake of cyber security events; triages potential incidents, determines the nature and scope of the event/incident, and classifies the severity and priority of the incident. Acts as the primary SOC resource with responsibility to coordinate and assist with all phases and personnel of the information security response lifecycle. Analyzes all security systems log files, reviews and keeps track of triggered events, researches current and future cyber threats, reconciles correlated cyber security events, develops and modifies new and current cyber security correlation rule sets, and operates SOC equipment and technology.

Responsibilities:

  • Provides technical support on post-event network security logs and trend analysis.
  • Detects the full spectrum of known cyber-attacks (e.g., DDoS, malware, phishing, others).
  • Uncovers security and compliance violations.
  • Pinpoints location of compromised systems and devices.
  • Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches.
  • Associates and correlates IP address related events with specific systems or devices in the IT infrastructure.
  • Identifies and analyzes intelligence information about threats to customer's information processing systems.
  • Associates and correlates assets with dynamically assigned IP addresses over time.
  • Associates and correlates events and security incidents with individuals and their role and organization.
  • Conducts cyber incident and event monitoring.

Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of relevant event detail and summary information. Ensure the integrity and protection of networks, systems, and applications through monitoring of security devices. React to customer escalations. Identify, analyze, and document actions taken by malicious actors. Determine sophistication, priority, and threat level of identified malware. Examine media and malware analysis reports and operational reporting from incidents to correlate similar events, tradecraft, and TTPs of malicious activity. Conduct log and system analysis for various system, network, and security devices. Experience working within a wide range of environments, including Linux, UNIX, and Windows, in addition to a strong understanding of networking, the OSI model, and TCP/IP protocols. Familiarity with Federal and DoD security standards such as NIST, DCID, CNSS and DoD 8500. Experience in implementation of ITIL practices and the ISO 27000 family of standards.


Qualifications:

  • DoD 8570 CNDSP Certified: CEH, SSCP, GCIH, CSIH, or GCFA are acceptable
  • Must be ITIL v3 Certified within 45 days of start
  • At least 2+ years of Information Technology related experience
  • DoD Secret clearance
  • Degree - Desired: B.S. (Information Security and Assurance) or related discipline
  • Experience/knowledge with ArcSight is a plus
  • Experience with multiple IPS/IDS Systems is a plus
  • Theoretical and practical knowledge of TCP/IP stack protocols.
  • Knowledge of current security threats, vulnerabilities and web application attacks.
  • Experience with security risk assessment and mitigation techniques
  • Experience with TCP/IP packet analysis.
  • Must be able to communicate technical details in a clear, understandable manner
  • Excellent problem solving skills and keen ability to diagnose and troubleshoot technical issues

 

MSI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.