Location: Huntsville, AL
Type: 6-month Contract to Hire
- Monitors the network and supporting systems to detect security compromise events (including intrusions and virus incidents).
- Provides network and security operations technical analysis, assessment, and recommendations.
- Identifies where systems/networks deviate from acceptable configurations, enclave policy, or local policy.
- Conducts audits to ensure information systems security policies and procedures are implemented as defined in security plans and best practices.
- Leads the collection, selection, recommendation, and implementation of approved tools for cyber operations, cyber incident response, cyber defensive operations, and cyber situational awareness activities.
- Performs detailed analyses to validate established security requirements and to recommend additional security requirements and safeguards.
- Establishes strict program control processes and policies to ensure mitigation of risks.
- Leads the development of tactics, techniques, and procedures (TTPs) and process flow diagrams to build a Cyber Operations capability.
- Performs evaluations (compliance audits) and/or active evaluations (vulnerability assessments).
- Conducts trend analysis of security events to identify anomalous malicious activity and repeat infection.
- Develops technical and operational views, reports, and summaries to provide leadership with a continuous, accurate, situational understanding and impact to mission and operational risk.
- Develops technical and operational solutions to support execution of Cyber Operations functions and responsibilities, including determination of sensors, placement, and threat feeds.
- Bachelor's degree in a related field plus a minimum of 8 years of experience is required.
- Strong knowledge base preferred in the areas of real-time security situational awareness, operational network systems, and security monitoring.
- A security clearance is required with the ability to obtain TOP SECRET with SCI Eligibility.
- 8570 IAT II (CCNA Security, CySA+/CSA, GICSP, GSEC, Security+ CE, CND, SSCP) or IAM II (CAP, CASP+ CE, CISM, CISSP, CISSP Associate, GSLC, CCISO)
- Experience working in a Security Operations Center and using some SOC tool sets
- Experience with IT in an operational environment
- Experience with Supervisory Control and Data Acquisition (SCADA) systems a plus
- Computing Environment certifications a plus (A+, Net+, Cisco)
- TOP SECRET clearance with SCI Eligibility a plus