Date Posted: January 12, 2019
Is it time for a new and exciting job opportunity? Phacil, an employee-owned IT consulting company, is seeking an IT SMS/Cyber Incident Response Analyst for an important customer in Huntsville, AL. Join an amazing group of dedicated professionals and see the possibilities!
We bring service excellence and professional commitment, delivering quality service and ferocious execution to our Federal Government customers. We provide solutions in the areas of Information Assurance, Cyber Security, Artificial Intelligence, Software & Systems Engineering, Cloud & Managed Services and Network Engineering. Join us by applying at www.phacil.com/careers/opportunities .
Clearance Level (required to start): Active Secret with a Top Secret eligibility
Daily Job Responsibilities:
This position requires the candidate to be a Technical SME and have hands-on knowledge of log aggregation and IOCs in a Big Data Platform Environment. To be successful in this position, knowledge of the Windows OS, Log Aggregation, STIG Checks and Compliance, Vulnerability Scans, and the overall Incident Response Planning and After Action Process will be highly desirable.
- Identify security threats, risks, and vulnerabilities, and develop mitigation plans.
- Develop, interpret and enforce security policies and procedures
- Configuration and Implementation of Tenable Security Center and Nessus Agents
- Evaluate and make recommendations for new software requests for security compliance via STIGs
- Automation of infrastructure services using the Elastic BDP (Big Data Platform)
- Configuration of VMware for multiple Operating Systems
- Wireshark and PCAP familiarity
- Creation of reports for both within the BDP and Nessus
- Develop strategies to respond to and recover from a security breach
- Educate the workforce on information security through training and building awareness
- Understand the risk/advantage/process of vetting Open Source software on the DoDIN
- Data forensics Analyst Experience
- Syslog/Windows Event Forwarding Experience (a plus)
- Knowledge of Incident Response Process (NIST SP 800-61)
- Knowledge of PII, HIPAA, GDPR, and other Data Security Frameworks
- Knowledge of Bro, Snort, and Elsa in a Security Onion Environment, preferred
- Knowledge of log aggregation methods using Splunk/Open Source Tools
- Experience in Elasticsearch, Logstash, and Kibana (ELK Stack)
- Python experience for site-scraping IOCs
- eMASS and Army RMF experience (Assess Only, specifically)