In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.
Description of Task to be Performed:
Come join our growing team and make a difference every day! AnaVation is seeking an experienced Incident Response/Security Analyst to support a mission-critical cybersecurity in Washington DC.
Key responsibilities include:
· Create, track, monitor and investigate security related events/incidents through closure.
· Monitor, maintain and administer policies and rules within EDR and SIEM tools (e.g., Crowdstrike, Splunk).
· Participate in or lead the remediation of incidents and responses that are generated from live threats against the enterprise.
· Perform incident response analysis based on investigation requirements.
· Support and develop reports during and after incidents, which include all actions taken to properly mitigate, recover and return operations to normal operations.
· Assist in developing and implementing defensive cyber best practice tactics, techniques, and procedures.
· Assist in conducting vulnerability scans using Tenable SC and Nessus Manager. Manage the applications and conduct vulnerability analysis.
· Maintain Incident Ticketing tracking system and related tickets within Remedy.
· Monitor and take action within multiple tools providing security functions such as vulnerability management (e.g., Nessus), configuration management (e.g., Tenable Security Center, IBM BigFix, SCCM, McAfee ePO), endpoint protection (e.g., antivirus, ATP), intrusion detection software and hardware.
· Perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system.
· Interacting with GRC tool (e.g., CSAM) to perform daily/weekly vulnerability analysis.
· Creating and compiling weekly security metrics into dashboards and charts.
· Flexible with other security related tasks as needed by the customer.
This position is currently hybrid (2 days per week on site at the customer location in DC) but is subject to change at the customer’s direction. This position will require being on call after hours/weekends (further details on on-call rotation with IR team to be discussed with hiring manager).
Required Qualifications:
Education: Bachelor’s degree in Cybersecurity, Information Technology, or a related field. In lieu of a degree, a minimum of eight (8) years of hands-on relevant experience is required.
Experience: 4 years
Required Skills/Certs:
Bachelor's degree in a related field or equivalent demonstrated experience and knowledge.
4 years’ experience as a Security/Network Administrator.
Hands-on experience conducting incident response activities and vulnerability analysis of various systems, applications, security tools, databases, and networks logs.
Performing vulnerability scans with tools such as Nessus.
Experience with Crowdstrike, TenableSC, Splunk. (Experience with comparable tools may be considered).
Familiarity with multi-tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS) and the exploitation mechanisms of common vulnerability types (e.g., buffer overflows, cross-site-scripting, SQL injection).
Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections.
Ability to use common tools such as Wireshark to examine network traffic.
Certifications: Security + required
Preferred Qualifications:
Self-Starter – ability to quickly become competent with new security-related tools and processes.
Ability to conduct Deep Dive analysis to determine root cause assessment of various network scanning agents’ scanning or communication failures.
Ability to coordinate remediation strategies with agency’s department technical staff through completion.
Familiarity with the various use cases and alignment of data from each tool to various security disciplines in configuration management, vulnerability management, risk management and incident management.
Familiarity with encryption technologies used in commercial operating systems, including Public Key Infrastructures, symmetric and asymmetric cryptography, certificate trust stores and the use of key escrow for discovery and legal purpose.
Familiarity with the use of Transport Layer Security (TLS) to secure network communications, code signing certificates and Certificate Authorities (CA) for the administration of encryption trust certificates.
Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP) and Structured Query Language (SQL).
Understanding of the role of interactive training such as phishing exercises for assessment of organizational abilities.
Familiarity with the use of data analysis tools, including the use of Microsoft Excel or PowerBI to combine data from multiple sources.
The ability to deliver in-person or virtual training that results in excellent assessment via trainee feedback.
Familiarity with information security terminology and be able to develop or select technical training in the discipline of information security geared to an organization.
Familiarity with data management and reporting of training data and statistics using common tools such as Microsoft Excel and Word.
Benefits
·Generous cost sharing for medical insurance for the employee and dependents
·100% company paid dental insurance for employees and dependents
·100% company paid long-term and short term disability insurance
·100% company paid vision insurance for employees and dependents
·401k plan with generous match and 100% immediate vesting
·Competitive Pay
·Generous paid leave and holiday package
·Tuition and training reimbursement
·Life and AD&D Insurance
About AnaVation
AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team.
If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you!
AnaVation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
Estas cookies son necesarias para que el sitio web funcione y no se pueden desactivar en nuestros sistemas. Puede configurar su navegador para bloquear estas cookies, pero entonces algunas partes del sitio web podrían no funcionar.
Seguridad
Experiencia de usuario
Cookies orientadas al público objetivo
Estas cookies son instaladas a través de nuestro sitio web por nuestros socios publicitarios. Estas empresas pueden utilizarlas para elaborar un perfil de sus intereses y mostrarle publicidad relevante en otros lugares.
Google Analytics
Anuncios Google
Utilizamos cookies
🍪
Nuestro sitio web utiliza cookies y tecnologías similares para personalizar el contenido, optimizar la experiencia del usuario e indvidualizar y evaluar la publicidad. Al hacer clic en Aceptar o activar una opción en la configuración de cookies, usted acepta esto.
Los mejores empleos remotos por correo electrónico
¡Únete a más de 5.000 personas que reciben alertas semanales con empleos remotos!