The ISD Cyber Security Sector is responsible for monitoring and protecting information systems. The sector operates and maintains computer network defense (CND) tools and data sources (network and host level) in support of incident response and mitigation processes. Services include briefings to management, advising them of issues that may affect the security posture. The sector also conducts vulnerability assessment scanning at the network, system, and application levels, and coordinates mitigations and communications to the community.
RESPONSIBILITIES AND DUTIES
Security Infrastructure Operations:
- Responsible for day-to-day support and maintenance of security infrastructure systems (e.g. Intrusion Prevention Systems, Anti-Virus, Web Proxy Systems, Full Packet Capture, Online and Offline Malware Analysis Systems, and SIEM platform).
- Duties include, but are not limited to, system troubleshooting, vendor coordination, and OS patching and updating.
- Ensure all devices are under configuration management, receive signature updates, and maintain operational readiness.
- Monitor performance metrics and log data for continuous improvement and tuning to match current threats.
- Update rule-sets/policy on infrastructure systems to support overall defensive systems.
- Maintain and update documentation, including standard operating procedures.
Security Infrastructure Engineering:
- Assist in evaluating potential security software, tools, or devices.
- Assist in testing new network security systems and changes to existing network security devices.
- Develop, publish, and maintain system documentation (e.g. Requirements, Design/Build, Testing, and SOP) according to department standards.
- Through log and data analysis, determine the scope or extent to which other systems were exposed to the same threat.
- Identify, implement, or request solutions (e.g. blocks) to mitigate future risk.
Cyber Security and External Awareness:
- Participation in external Cyber Security working groups (e.g. FFRDC).
- Monitor current malicious cyber activity at large and research how vulnerabilities are being exploited and which software is affected.
- Proactively identify opportunities to mitigate potential threats based on research.
- Proactively identify patterns within device and server logs, based on research, to identify systems of interest or mitigate future risk to those systems.
Communication & Collaboration:
- Develop metrics and presentations that demonstrate Threat Assessment team effectiveness.
- Coordinate efforts among analysts to enhance mitigation efforts and avoid duplication of effort.
- Coordinate with the Security Services Department on threat impact, nature, and potential scope.
- Develop and publish detailed Threat Assessment reports as required.
- Evaluate potential security software, tools, or devices.
- Test new network security systems and changes to existing network security devices.
- Develop technical project plans, requirements documentation, test plans, change requests, and communications to users.
This position is under general supervision of the IT Security Operations Team Lead.
• Must be a U.S. citizen with the ability to obtain and maintain an active secret clearance
• Associate's degree OR technical school certificate OR at least one certification, plus a minimum of 3 years of experience
• Strong working knowledge of various enterprise network and standalone infrastructure security systems and technologies.
• Experience with enterprise log management platforms (e.g., Splunk).
• Experience with IDS/IPS systems, Firewalls, Web Proxy and full packet capture systems.
• Proven ability to script in Perl or Python.
• Excellent customer service, written and oral communication skills.
• Demonstrated ability to work in a fast-paced environment at times with minimal supervision and execute operations, project and administrative tasks with a high degree of quality, while following existing processes and establishing new operational procedures and best practices where necessary.
• Demonstrated ability to work with members of other teams and staff to achieve department and organizational goals.
• Strong understanding of network routing and switching and TCP/IP protocols.
• Strong working knowledge of the Linux operating system.
• Good understanding of the Windows operating system (desktop and server).
• Ability to work independently toward delivery of goals as well as collaborate in team efforts.
• Skill in building consensus among stakeholders and colleagues.
• CompTIA Security+, SANS Certified Incident Handler (GCIH) or equivalent certification
• Knowledge of DoD and NIST security standards and procedures
• ITILv3 Foundations Certification
• Active Secret Clearance
• This position requires an individual with excellent communication (both oral and written) and organizational skills.
• The individual must be able to work in a fast-paced environment with minimal supervision.
• They must be able to execute operations, project, and administrative tasks with a high degree of quality and consistency by following existing operational procedures and best practices.
• Additionally, the position requires the ability to work with members of other teams and staff to accomplish department and organizational goals.
WORKING LOCATIONS & ADDITIONAL INFO
• Location: Lexington, MA
• Travel: Not anticipated
• Employment Status: Full-Time Employee with full benefits (Medical, Dental, Vision, STD, LTD, PTO, Retirement)
• Other: All candidates must also successfully pass a Commercial Background Investigation (CBI).
This job posting sets forth the authorities and responsibilities of this position, which may be changed from time to time as shall be determined.
Odyssey Systems Consulting Group, LTD. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other factors protected by federal, state, and/or local law. This policy applies to all terms and conditions of employment, including: recruiting; hiring; placement; promotion; termination; layoff; recall; transfer; leaves of absence; compensation; and training.
- Tuition Reimbursement
- Employee Events
- Vacation/paid time off
- On Site Cafeteria
- Maternity/Paternity Paid Leave
- Gym Memberships
- Retirement / Pension Plans
- Paid Holidays
- Employee Referral Program
- Medical, Dental and Vision
- Paid sick days
- Life Insurance
- Flexible Spending Accounts
- Military Leave
- Professional Development