Cyber Security Operations Specialist II
Company: William C Brown Inc
Location: Saint Louis
Posted on: March 19, 2023
|
|
Job Description:
Cyber Security Operations Specialist II
EOE Statement We are an equal employment opportunity employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, national origin,
disability status, protected veteran status or any other
characteristic protected by law.
Description
WCBinc is looking for a Cyber Security Operations Specialist II to
operate and manage all aspects of Information Systems, data
availability, integrity, authentication, confidentiality, and
non-repudiation. This role will develop and execute security
policies, plans, and procedures and ensure security measures of the
network.
What You'll Get to Do:
Provide cyber threat intelligence services for the collection,
fusion, analysis, creation, and distribution of threat intelligence
from government entities, commercial feeds, open sources, and other
partners to obtain situational awareness of the threat
environment.
Provide cyber threat intelligence services on an expanded 12x5
service support level during core hours and on-call support with
two-hour response time during non-core hours.
Cyber threat intelligence services shall develop and disseminate
reports and tippers to internal and external stakeholders based on
events, alerts, and incidents on customer systems and networks.
Implements and monitors security measures for communication
systems, networks, and provide advice that systems and personnel
adhere to established security standards and Governmental
requirements for security on these systems.
Designs and implements data network security measures; operates
Network Intrusion Detection and Forensics; conducts performance
analysis of Information Systems security incidents; develops
Continuity of Operation (COOP)/Disaster Recovery (DR) plans and
supports certification of Information Systems and Networks.
Supervises operation of Electronic Key Management System, other
information security duties, and Public Key Infrastructure.
Receive tickets from other Cybersecurity Operations Services
sub-services and conduct detailed analysis to validate any
event/alert/incident
Categorize, prioritize, investigate, and assess cybersecurity
events/alerts/incidents to identify the extent and scope of the
event/alert/incident and what impact there is on the operation or
systems
Update and forward tickets to other Cybersecurity Operations
Services to customer as needed
Collect, aggregate, and analyze artifacts and evidence from all
available tools, knowledge sources, and data artifacts to determine
and document the who, what, when, where, why and how of an
intrusion, its extent, how to limit damage, and how to recover
Submit custom signatures and tuning requests as needed to Network
Security Services, Endpoint Security Services, and Cybersecurity
Data Analysis Services
Assists the C-IRT by assessing ongoing incident activity to predict
adversary responses and locations of compromise
Documents tickets and analysis to a level of detail sufficient to
reconstruct the analyst's analysis, to include but not limited to
the steps taken, timelines, and data required to justify the
analyst's assessment
Provide custom metrics reports including incident category types,
tools used, number of indicators, time opened at each step,
trending statistics, service availability, system utilization,
etc.
Provide input to the daily CSOC Significant Activity, Operations,
and the weekly CSOC Status Report
Advanced Cybersecurity Analytics, coordinate with Network Security
Services, Endpoint Security Services, and Cybersecurity Data
Analysis Services to develop or tune rules/signatures/scripts
Position Requirements
You'll Bring These Qualifications:
Bachelor's Degree in a Technical field (i.e. Information
Technology, Information Systems, Computer Science)
4+ years' experience working in Cyber Security Operating Host Based
Security System (HBSS), firewalls, Intrusion Prevention Systems,
Intrusion Detection Systems, other point of presence security
tools, Virtual Private Networks, and related security
operations.
DoD 8570.01-M IAT Level II certification and CSSP Analyst.
Utilize the SEIM to perform 24/7 monitoring, detection, and initial
triage (identify, investigate, categorize, prioritize, ticketing,
and forwarding) of events/alerts/incidents.
Experience with Cyber Incident Response Team (C-IRT) Services
Cyber Incident Quality Control Services - Conduct Quality Control
reviews of a percentage closed Tier II tickets each week to ensure
proper analysis, categorization, documentation, and
notification
Cyber Threat Intelligence Services - Conduct emerging threat and
intelligence fusion analysis
Cyber Threat Emulation Services; Develop, test, and when properly
authorized, execute custom scripts, programs, and/or other
capabilities to emulate cyber threats to include Cyber Data
Presentation Services
Cyber Hunt Services/Planned Hunt Services; update, and document
tickets in the authorized ticketing system to initiate the incident
response.
TS/SCI Security Clearance (US Citizenship required)
These Qualifications Would be Nice to Have:
IAT Level III
Master's Degree in a Technical field
Location St. Louis
Full-Time/Part-Time Full-Time
Exempt/Non-Exempt Exempt
Security Clearance Requirements Top Secret / SCI
This position is currently accepting applications.
Keywords: William C Brown Inc, St. Louis , Cyber Security Operations Specialist II, Other , Saint Louis, Missouri
Click
here to apply!
|