Mar 25
Top Secret/SCI
IT - Security
Newport, RI (On-Site/Office)
STRATEGOS (est. 2008) is a Service-Disabled Veteran-Owned Small Business (SDVOSB) that identifies and provides usable solutions (non-personnel support services, consulting, training, and engineering) to the US Government and its partners. Strategos provides three distinct services designed to complement one another to provide the highest quality service and products.
Strategos seeking an engineering opportunity in support of the Naval War College (NWC) and its components as they relate to their mission of Professional Military Education, Joint Professional Military Education, help the Chief of Naval Operations (CNO) define the future Navy, its missions and roles, support combat readiness, and strengthen maritime security cooperation.
Title: Systems Security Analyst / Cyber Defense Analyst
Location: Newport, RI
Full Time (Y/N): Y
Status (Exempt/Non-Exempt): Exempt
Clearance: Top Secret/SCI
Primary Responsibilities:
• Analysis, documentation and development of integration, testing, operations, and maintenance of system security.
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events from environments to mitigate threats.
• Apply defensive measures resulting from sources to identify, analyze, and report events from the enterprise network to protect information systems from threats.
• Coordinates threat and mitigation strategies across enterprise.
Required Job Experience:
• Coordinating, installing, and maintaining information security devices and services on EDU, SIPRNET, DMZ, and commercial ISP networks.
• Ensure compliance of information security devices, services, and capabilities within DOD Security and Information Assurance protection requirements.
• Provide information security services to implement, maintain and sustain all unclassified and classified information security support services.
• Setup, configure, modify, test, maintain, operate, and support information security tools.
• Operate ACAS for Information Assurance Vulnerability Alert (IAVA) management and scanning, McAfee HBSS, Corelight, and Cortex.
• IOT discovery, monitoring, SOAR orchestration, and SIEM event correlation and analysis.
• Cloud security systems for DLP, and Email and threat prevention/monitoring.
• Validate remediation of IT resources managed by departmental branches.
• Security incident reporting to Security Operations Center.
• Administration of firewalls, Intrusion Detection System, policy server, IAVA management, Defense Information Systems Agency, Host Based Security System, Secure Configuration Compliance Validation Initiative, and Secure Configuration Remediation Initiative tools.
• Virtual Private network management, penetration testing, forensics research and analysis, web content filter management, security incident reporting, and vulnerability scanning.
• Knowledge of cybersecurity principles, cyber threats and vulnerabilities.
• Analyze network alerts from enterprise sources determining causes of alerts.
• Security reviews, gap analysis and risk mitigation in security architecture.
• Intrusion Detection System / Intrusion Prevention System tools and applications.
• Cloud computing deployment models in private, public, and hybrid on/off prem environment.
• Information technology security principles and methods (e.g., firewalls, DMZ, encryption).
• Network protocols TCP/IP, Dynamic Host Configuration, and Domain Name System.
• Network traffic flows Transmission Control Protocol, Internet Protocol, Open System Interconnection Model, and Information Technology Infrastructure Library.
• Common attack vectors and classes of attacks (passive, active, insider, close-in, distribution).
• Packet-level analysis and collecting data from a variety of cyber defense resources.
Degree (Required or certifications below can be substituted in lieu of):
• BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution.
Certification (Preferred one of the following in lieu of Required Degree):
• Certified Ethical Hacker (CEH).
• CompTIA Cloud+
• CompTIA PenTest+
• CompTIA Security+
• Cisco Certified CyberOps Associate
• CompTIA Cybersecurity Analyst (CySA+)
• CyberSec First Responder (CFR)
• Federal IT Security Professional-Operator-NG (FITSP-O)
• GIAC Certified Enterprise Defender (GCED), Foundational Cybersecurity Technologies (GFACT), Information Security Fundamentals (GISF), Certified Forensics Analyst (GCFA), Certified Intrusion Analyst (GCIA), Defensible Security Architecture (GDSA), Global Industrial Cyber Security Professional (GICSP), Security Essentials Certification (GSEC)
Salary: Based on demonstrated skills and abilities to perform required responsibilities.
Hiring Manager: Gino Wylie, Services Manager, Email: gwylie@strategosconsultingllc.com
Target Start Date: February/March 2025
Strategos seeking an engineering opportunity in support of the Naval War College (NWC) and its components as they relate to their mission of Professional Military Education, Joint Professional Military Education, help the Chief of Naval Operations (CNO) define the future Navy, its missions and roles, support combat readiness, and strengthen maritime security cooperation.
Title: Systems Security Analyst / Cyber Defense Analyst
Location: Newport, RI
Full Time (Y/N): Y
Status (Exempt/Non-Exempt): Exempt
Clearance: Top Secret/SCI
Primary Responsibilities:
• Analysis, documentation and development of integration, testing, operations, and maintenance of system security.
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events from environments to mitigate threats.
• Apply defensive measures resulting from sources to identify, analyze, and report events from the enterprise network to protect information systems from threats.
• Coordinates threat and mitigation strategies across enterprise.
Required Job Experience:
• Coordinating, installing, and maintaining information security devices and services on EDU, SIPRNET, DMZ, and commercial ISP networks.
• Ensure compliance of information security devices, services, and capabilities within DOD Security and Information Assurance protection requirements.
• Provide information security services to implement, maintain and sustain all unclassified and classified information security support services.
• Setup, configure, modify, test, maintain, operate, and support information security tools.
• Operate ACAS for Information Assurance Vulnerability Alert (IAVA) management and scanning, McAfee HBSS, Corelight, and Cortex.
• IOT discovery, monitoring, SOAR orchestration, and SIEM event correlation and analysis.
• Cloud security systems for DLP, and Email and threat prevention/monitoring.
• Validate remediation of IT resources managed by departmental branches.
• Security incident reporting to Security Operations Center.
• Administration of firewalls, Intrusion Detection System, policy server, IAVA management, Defense Information Systems Agency, Host Based Security System, Secure Configuration Compliance Validation Initiative, and Secure Configuration Remediation Initiative tools.
• Virtual Private network management, penetration testing, forensics research and analysis, web content filter management, security incident reporting, and vulnerability scanning.
• Knowledge of cybersecurity principles, cyber threats and vulnerabilities.
• Analyze network alerts from enterprise sources determining causes of alerts.
• Security reviews, gap analysis and risk mitigation in security architecture.
• Intrusion Detection System / Intrusion Prevention System tools and applications.
• Cloud computing deployment models in private, public, and hybrid on/off prem environment.
• Information technology security principles and methods (e.g., firewalls, DMZ, encryption).
• Network protocols TCP/IP, Dynamic Host Configuration, and Domain Name System.
• Network traffic flows Transmission Control Protocol, Internet Protocol, Open System Interconnection Model, and Information Technology Infrastructure Library.
• Common attack vectors and classes of attacks (passive, active, insider, close-in, distribution).
• Packet-level analysis and collecting data from a variety of cyber defense resources.
Degree (Required or certifications below can be substituted in lieu of):
• BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution.
Certification (Preferred one of the following in lieu of Required Degree):
• Certified Ethical Hacker (CEH).
• CompTIA Cloud+
• CompTIA PenTest+
• CompTIA Security+
• Cisco Certified CyberOps Associate
• CompTIA Cybersecurity Analyst (CySA+)
• CyberSec First Responder (CFR)
• Federal IT Security Professional-Operator-NG (FITSP-O)
• GIAC Certified Enterprise Defender (GCED), Foundational Cybersecurity Technologies (GFACT), Information Security Fundamentals (GISF), Certified Forensics Analyst (GCFA), Certified Intrusion Analyst (GCIA), Defensible Security Architecture (GDSA), Global Industrial Cyber Security Professional (GICSP), Security Essentials Certification (GSEC)
Salary: Based on demonstrated skills and abilities to perform required responsibilities.
Hiring Manager: Gino Wylie, Services Manager, Email: gwylie@strategosconsultingllc.com
Target Start Date: February/March 2025
group id: 10510591
