SBD is seeking a Junior Cyber Security Analyst to join our team in support of our DoD customer located in Arlington, VA. The Cyber Security Analyst will assist in establishing a Network Security Operations Center (NSOC). The Analyst will directly support the NSOC Team, working in collaboration with the Information Assurance (IA)/Cybersecurity/Computer Network Defense (CND) Team to perform security information and event management (SIEM) tasks and other network operations support tasks.
- Analyzes information security requirements, translates requirements into security designs, implements security designs, and tests effectiveness.
- Provides Threat Reconnaissance for ISSM and Operations using all available tools and information.
- Possesses and employs working knowledge of standard information security products including Security Information Event Management Tools, Access Control Lists, intrusion detection systems (IDS), Endpoint Security, vulnerability testing and security analysis tools.
- Demonstrates competence in all phases of security requirements analysis and information security system design as well as available products and management practices.
- Understands U.S. Government security policy including DoD and appropriate civil agencies such as NIST, as well as commercial best practices.
- Conducts system integration of the McAfee product suite, identifies system vulnerabilities, and designs or deploys solutions that support a high availability system.
- Operates, understands, and provides Cyber Analyst reports from the McAfee Suite of SIEM products, including Enterprise Security Management (ESM), Database Event Monitor (DEM), Advanced Correlation Engine (ACE), Application Data Monitor (ADM), Enterprise Log Manager (ELM), ePolicy Orchestrator (ePO), SIEM Receivers, Solid Core, and other Cyber Security Products such as Tenable/ACAS - Nessus scanner, and ForeScout CounterAct.
- Provides advanced analytical support, and coordination with solution providers and vendors to support additional problem management activities as required related to SIEM products.
- Investigates and initiates Incident Response and Incident Handling procedures for SIEM events.
- Generates, monitors, and tracks incidents generated by the SIEM suite through resolution.
- Maintains Incident Response Plan and Incident Handling Procedures related to the NSOC and SIEM events.
- Assists IA by validating that enclave and subsystems are providing proper logging, log retention, and accurate audit trails per NIST requirements. Provides a continual assessment of network device configuration and compliance, ensuring rogue devices are located and removed from the system as soon as possible.
- Reviews and provides guidance on the proper implementation of DISA Security Technical Implementation Guide (STIG) requirements to Operations team.
- Serves as Cyber Security technical liaison between Government leads, Network Security Operations, Operations team, and IA team concerning implementation of newer technologies to infrastructure.
- Implements and upgrades security measures and controls.
- Bachelor's degree
- 2 years of experience related to Cyber Analysis and Security
- Experience and familiarity with McAfee Suite of SIEM products, Remedy ticketing system, and ITSM Framework
- DoD 8570 IAT Level II Certified (CCNA-Security, CompTIA Security+ CE, GICSP, GSEC, or SSCP) AND Operating System (OS)/Computing Environment (CE) certification
- Active Secret Clearance or Interim Secret Clearance (Must be a US Citizen)