Cyber Security Analyst

ECS

Today
Secret
Unspecified
CI Polygraph
IT - Security
Huntsville, AL (On-Site/Office)

Job Description
ECS is seeking a Cybersecurity Analyst (SME) to work in our Huntsville, AL office. Please note: This position is contingent upon contract award.

ECS is seeking a qualified Cybersecurity Analyst (SME) to support cybersecurity operations for the Federal Bureau of Investigation. You will provide leadership and cyber-SME support for the Security Operations Center (SOC) Watch floor Team, playing a crucial role in the FBI's cybersecurity defense strategy.

Operating around the clock, 24/7, 365 days a year, this dynamic team ensures the timely detection and resolution of potential security incidents, thereby minimizing the impact of cyber threats on the organization. The watch floor team is responsible for actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. Serving as the operational hub of the SOC, the watch floor plays a critical role in safeguarding the confidentiality, integrity, and availability of an organization's information assets.

Responsibilities
  • Conduct continuous monitoring of security alerts and events from various sources, such as security tools, logs, and sensors.
  • Analyze the data to identify potential security incidents or anomalies.
  • Detect and identify security incidents and breaches in real-time or near-real-time.
  • Utilize security information and event management (SIEM) systems to correlate data and detect patterns indicative of malicious activity.
  • Prioritize and triage security alerts based on their severity and potential impact.
  • Determine whether an alert requires immediate attention and response.
  • Initiate incident response procedures for confirmed security incidents.
  • Coordinate and collaborate with incident response teams to contain, eradicate, and recover from security breaches.
  • Maintain communication with relevant stakeholders, including IT teams, management, and external parties.
  • Assist in developing and maintaining data ingestion configurations to collect and parse log and event data from various sources across the organization.
  • Ensure that security-related data is appropriately formatted and ingested into the SIEM for analysis.
  • Contribute to developing custom searches, correlations, and alerts to identify potential security incidents.
  • Create and optimize queries and rules to detect suspicious activities or patterns in the data.
  • Build content to monitor and analyze specific security events and incidents based on the organization's security policies and requirements.
  • Collaborate with SOC analysts and other security stakeholders to understand the organization's security needs and translate them into actionable use cases.
  • Help maintain playbooks and automated responses within the SIEM to support incident investigations.
Required Skills
  • Must have a current Top-Secret Clearance with the capability of obtaining SCI / CI-Poly if needed to meet contract requirements
  • Expert experience with Splunk Enterprise Security.
  • Must currently live within commuting distance to Huntsville, AL or be willing to relocate.
  • Ability to work independently and as part of a team.
Desired Skills
  • 15+ years of relevant experience; OR
  • Experience with Microsoft Sentinel
  • One or more of the following active industry certifications (or similar):
    • GIAC Continuous Monitoring Certification (GMON)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Certified Forensic Analyst (GCFA)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Network Forensic Analyst (GNFA)
    • GIAC Cloud Threat Detection (GCTD)
    • GIAC Cloud Forensics Responder (GCFR)


ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
About Us
ECS, a key segment of ASGN Incorporated, is a trusted IT systems integrator serving government agencies. ECS provides modern digital solutions that enable fast and efficient decision making and support the effective execution of government agency operations. ECS’ leading-edge AI, cybersecurity, and open data management solutions boost collaboration, innovation, and worker productivity, improve employee and customer experiences, and protect critical agency data and assets.
