Company: Knowledge Consulting Group
Job Location(s): San Antonio
Employment Term: Regular
Employment Type: Full Time
Start Date: ASAP
Starting Salary Range: Not Provided
Required Education: Bachelor's Degree
Required Experience: 8 to 20+ years
Security Clearance (minimum): Secret
Security clearance note: Secret clearance is required and must be clearable to the TS/SCI level.
Related Categories: IT - General, IT - Software Development, IT - Networking

Position Description

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Secret clearance is required and must be clearable to the TS/SCI level.

The candidate will work as a real-time analyst, performing 24/7 real-time monitoring of the AF network and the initial identification of potential intrusions, which are passed to incident response for further development. Additional responsibilities may include:
• Perform log analysis.
• Perform packet analysis and be able to identify malformed packets.
• Be able to analyze the payload of the packet.
• Define the relationship between seemingly unrelated events.
• Use search engines and ArcSight knowledge base and reference pages.
• Perform advanced queries of NSD historical and reference databases.
• Make recommendations for rule and filter modifications and creation in IDS and ArcSight.
• Be able to take required elements of a report and create a properly formatted report.
• Understand differences between various operating systems – which OS an event came from and which OS is vulnerable to a certain attack.

Requirements:
• Ideally, candidates should possess a Master's degree and 5 years of experience; or a Bachelor's degree and 8 years of work experience; or 15 years total working experience. At least 2 years of their working experience must be in a technical field. NOTE THAT THIS IS NOT A FIXED REQUIREMENT - ONLY A TARGET.
• Ideally, candidates should have a minimum of 5 years of IDS/IPS experience. Must have a minimum of 2 years' experience - preferably with computer and network security, intrusion detection and network monitoring, or combined training within the last 3 years in intrusion detection, intrusion prevention and network monitoring; Internet and domain name addressing; fundamental components of networks; and TCP/IP, FTP, and HTTP protocols.

• Must know the most commonly used ports and research lesser-known ports (ports that NSD normally sees).
• Know the type of traffic that should be seen into and out of the most commonly used ports.
• Understanding of network protocols.
• Understanding of routing.
• Understand limitations of AF security policies.
• Make recommendations for TCNO & NOTAM that should be generated.
• Understanding of computer security and its limitations.
• Understand advanced hacking techniques.
• Understanding of commonly used AF network services – DNS, mail, web, etc. and be conversant in less common network services.
