Job Description

ECS is seeking a Cyber Security Analyst Jr to work in our Washington, DC office.

Iron Vine Security an ECS company is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire a Cyber Security Analyst to provide a full range of cyber security services on a long term contract in Baltimore, MD. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Salary Range: $65,000 - $75,000

Required Skills

General Description of Benefits

• Operational experience in the following functional areas:
• Event Handling
• Incident Response
• Data Analysis / Log Review
• Vulnerability Management
• Detection Engineering
• The ability to effectively communicate the status of the client’s security:
• Identify, develop processes for, and report on metrics related to the SOC team.
• Assist in the development and performance of quality control checks for SOC operations
• Identify and report on project status related to the functional areas listed above
• The ability to communicate clearly, correctly, and effectively about other teammate’s tasks and the ability to mentor other teammates in doing the same.
• The ability to assist other engineers/analysts in developing and communicating status updates. Additionally, support with project plans, deconstructing tasks, and providing updates in conjunction with a project management office
• Perform triage and root cause analysis on security events:
• Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified - must also be able to identify supplemental sources where similar data may be found.
• Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation.
• Communicate and collaborate with colleagues to investigate incidents.
• Investigate and identify the root cause behind security incidents - to include all stages of the cyber kill chain as appropriate.
• Identify new data sources for determination of security events:
• Analyze raw data sources to extract, institutionalize, and document actionable events.
• Review existing security events and propose refinements as necessary.
• Must have familiarity with US-CERT Federal Incident Notification Guidelines
• 2 - 5+ years of Information Technology experience, with at least 2 years of experience in information security working within security operations and 2 years’ experience monitoring threats via a SIEM console
• Detailed understanding of NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide
• Exceptional working knowledge of TCP/IP Networking and the OSI model
• In-depth knowledge of the Intelligence driven defense utilizing the Cyber Kill Chain (CKC)
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Significant experience with packet analysis (Wireshark) and Malware analysis
• Strong working knowledge of Splunk and Akamai WAF experience
• Strong customer service skills and decision-making skills
• Strong working knowledge of windows and Linux command-line tools, networking protocols, systems administration and security technologies
• Strong working knowledge Hypertext Transfer Protocol response status codes
• Experience creating actionable content for a diverse range of commercial security tools and/or SIEM technologies
• Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
  

Certifications/Licenses

• Bachelor's degree in Computer Science or related field or equivalent work experience
• CompTIA Security+
• Certified Information Systems Security Professional or Associate
• EC Council Certified Ethical Hacker (CEH)
• Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Certified Incident Handler (GCIH), SANS GIAC security essentials (GSEC), COMPTIA Security+
  
  

Desired Skills

• Minimum of 2 years’ experience in SOC/CIRT
• Experience with Splunk, RSA Security Analytics and Akamai Web Application Firewall preferred
• #ECS1
  
  

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.