Security Analyst/Cyber Defender Senior Job in Smyrna, Georgia US
Security Analyst/Cyber Defender Senior
Job Description

Are you interested in Information Assurance and Computer Network Defense (IA/CND), or have you ever worked in or had aspirations to oversee Cyber Defense operations that include Firewall, Virtual Private Network and Network Access Control Management? AECOM is looking for someone to employ Defense-in-Depth security strategies across an Enterprise-wide network.

The Security Analyst/Cyber Defender is responsible for maintaining the security, integrity and robustness of a portion of the DoD Global Information Grid (GIG). This includes the infrastructure associated with the GIG (routers and switches), the boundary protection devices (firewalls and proxy servers), intrusion detection devices, software antivirus and anti-spam services and core services within a Network Operations Security Center (NOSC).

WORKING HOURS: Shift flexibility mandatory.
POSITION SUMMARY:

Cyber Defenders oversee intrusion detection, boundary protection, internal network monitoring and vulnerability assessment operations to defend the network. They promptly respond to internal/external threats with a 24/7 presence to deliver instant analysis of all network vulnerabilities and intrusions. They invoke incident response and triage measures combating adversarial Tactics, Techniques and Procedures and mitigate nefarious actions by, for example, caging a system or implementing network IP blocks. They develop a network defense visibility display, direct time-sensitive adjustments to the network security posture to minimize or counter operational risk, and collect and store the data and metrics necessary to conduct Operational Risk Management (ORM). They research and investigate current and emerging threats and provide leadership with guidance on how to mitigate those threats. They also direct security measures such as identification/authentication controls and intrusion detection for the NOSC or sites under their control. In addition, they maintain status of boundary protection configurations and advise on the utilization of tools and procedures in order to sustain information security, integrity, and availability.
They oversee network availability and network management operations and are responsible for collecting and archiving the data necessary to conduct detailed infrastructure analysis, producing time-sensitive displays and threshold alerts, generating ad hoc queries for network assistance, and developing course of action scenarios. They maintain a watch on network performance characteristics and infrastructure centers of gravity, and recommend adjustments. They centrally monitor available network resources, ensuring efficient use, and direct disaster recovery and contingency planning measures.

QUALIFICATIONS:

Mandatory:
Must be able to successfully pass a Drug Test
Must have an active DoD Security Clearance or ability to obtain a clearance
Achievement of Security+ certification mandatory
Achievement of ITILv3 certification mandatory
Experience with:
o Analyzing Firewall logs
o Analyzing Proxy logs
o Analyzing Windows Event and Security logs
o Network Topologies
o Network Operations health monitoring tools
o Intrusion Prevention/Detection Systems (IPS/IDS)
o Basic understanding of TCP/IP
o 2 year understanding of Networked Enterprise

Desired:
Experience with Host Based IDS (HIDS)
Experience with ePolicy Orchestrator (HBSS)
Experience with Checkpoint, Sidewinder, PIX firewall
Experience with EnCase Forensic suite
Experience with Network Access Control (NAC)
Experience with Remedy Trouble Ticketing System for Incident tracking
Experience with Vulnerability Assessment, Patching, Remediation
Experience with Anti-Virus/Anti-Malware systems
Familiarity with DoD Networks and the Combat Infrastructure Transport System architecture
Certification or training in Certified Ethical Hacker (CEH) or CISSP
3-5 Years experience as Systems Administrator in an Enterprise Environment
Current Secret security clearance

DC0112

What We Offer

AECOM employees around the world enjoy a wide range of benefits and a competitive compensation package. AECOM is much more than just a place to work.
It's a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.

AECOM is an Equal Opportunity Employer.