Have Cyber Security Experience? Looking for a new opportunity with great work-life balance? Apply today! Naval Nuclear Laboratory is seeking a highly motivated professional to join our Security Operations Center (SOC) team. The successful candidate will work in a technically diverse and dynamic environment with a team of cybersecurity professionals involved in multiple aspects of preventing, detecting and responding to internal and external threats. If you want to apply your skills in a mission-driven environment, apply now.
Some of the duties and responsibilities of this position include, but are not limited to:
Perform real-time status monitoring of security equipment (IDS, IPS, Firewalls, etc.) and systems (servers, clients, etc.) using various tools (e.g. SIEM) to identify potential security incidents, threats and vulnerabilities
Provide support and guidance to junior SOC Analysts on investigations and further analysis as needed.
Develop new processes, procedures, rules, signatures, etc. to enhance SOC monitoring, analysis and escalation procedures.
Assess threat and vulnerability information from all sources (both internal and external) and promptly apply applicable mitigation techniques.
Research and identify new areas of risk and exposure where SOC should focus.
Participate in security events as subject matter expert.
Perform incident response team actions as assigned.
Integrate and share information with other analysts and other teams.
- Bachelor’s degree from an accredited college or university and a minimum of four years relevant experience; or
- Master’s degree in a related field from an accredited college or university and a minimum of two years relevant experience
- Bachelor’s degree from an accredited college or university and a minimum of six years relevant experience; or
- Master’s degree in a related field from an accredited college or university and a minimum of four years relevant experience
Job Preferred Skills
Strong understanding of networking concepts, protocols, services and operating systems (TCP/IP, UDP, DNS, DHCP, HTTP, SMTP, Windows, UNIX, Linux, etc.)
Experience and familiarity with: Netflow data, DNS logs, Proxy Logs, IPS/IDS logs.
Experience in using SIEM technologies to support in-depth investigations and ‘hunting’ activities.
Experience and knowledge of security-related technologies including but not limited to: Intrusion Prevention Systems, Web Proxies, SIEM, Firewalls, Web Application Scanners, Vulnerability Scanners, Malware Research Tools or Forensics Tools.
Experience conducting vulnerability assessments and penetration testing.
Experience in Software Scripting.