Kingfisher specializes in all aspects of technical and analytic support to cyber operations, including database administration for classified networks, software engineering, web support, and cyber, CI, and all-source analysis. Since 2005, Kingfisher has established itself as a recognized and trusted mission partner whose mission is safeguarding sensitive information, operations, and programs for our Federal customers and warfighters.
Serve as a Cybersecurity service provider analyst for an infrastructure program supporting a DoD client. Assist with monitoring, analyzing, detecting, and responding to Cyber events and incidents under supervision. Assist with supporting dynamic Cyber defense and delivering operational effects, including
intrusion detection and prevention and situational awareness. Create, tune, and compile metrics of all security devices and documentation of processes and procedures. Identify security issues and risks and then develop mitigation plans. Work in a 24/7 security operations center (SOC) environment at an Indianapolis client facility, including maintaining direct contact with client management to provide analysis and trending of security log data from various security devices.
- 3+ years of experience with incident handling, forensics, sensor alert tracking, or Cybersecurity case management
- 1+ years of experience in a SOC
- Experience with Cybersecurity tools, including ArcSight, ACAS, or equivalent SIEM tools
- Experience with Cybersecurity forensics tools and methodologies
- Experience with network ports and protocols
- Experience with log review and analysis
- Secret clearance
- HS diploma or GED
- DoD 8570 Baseline Certifications for IAT Level II (i.e. CompTIA Security+ CE), CSSP Analyst, or CSSP Incident Responder
- Knowledge of industry, government and DoD best practices, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
- Knowledge of DoD system solutions to mitigate risk in any activity that potentially impacts the security of existing IT and information management
- Ability to work one of the following shifts: 12-8 am, 8am-4pm or 4pm-12am as well as working one weekend per month and on-call for another.
- Ability to provide monitoring and risk analysis of zero-day and other vulnerabilities
- Ability to correlate disparate datasets to identify abnormal behavior
- Ability to triage SIEM events and determine escalation of indicators
- Ability to apply NIST, federal, and DoD guidelines, policies, directives, and memos as they relate to Cybersecurity
- Ability to pay strict attention to detail
- Possession of excellent analytical and collaboration skills
- CCNA or Network+ Certification
- Computing Environment Certification, including McAfee, Blue Coat, RedHat, or Cisco