Overview
Junior Security Analyst (Secret Clearance Required) Jobs in Herndon, VA at Fusion Technology LLC
Title: Junior Security Analyst (Secret Clearance Required)
Company: Fusion Technology LLC
Location: Herndon, VA
Junior Security Analyst (Shift)Who is Fusion Technology?Fusion Technology is a performance-driven HUBZone Small Business concern residing in the heart of the beautiful mountainsides of West Virginia, steps away from the Federal Bureau of Investigation’s Criminal Justice Information Services Division’s Headquarters. Founded in 2007 by an Engineer-by-trade, Fusion Technology dedicates our valuable resources to providing comprehensive IT services and solutions to mission-critical US Government programs and the Intel Community.
What will you do in this role?
You will monitor and analyze security events and alerts reported by the Agency SIEM on a 24×7 basis to identify and investigate suspicious or malicious activity, or other cyber events which violate Agency policy.
You will be responsible for analyzing logs and events from any other device types which may send logs or events to the SOC in the future. Non-traditional device feeds will deliver data to the SIEM architecture (e.g., Human Resources (HR) data, badging information, and physical security devices, etc.).
You will provide documentation detailing any additional information collected and maintained for each security investigation.
You will record all artifacts (i.e. emails, logs, documents, Uniform Resource Locators (URLs), screenshots, etc.) associated with all security events and incident investigations within the SOC incident and tracking application.
Who are you?
Required Skills & Qualifications:
At least one year of experience working in a Security Operations Center (SOC) or Network Operations Center (NOC) environment performing security event monitoring and analysis
Working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks.
Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
Must be capable of analyzing security logs and events from the following types of devices such as, but not limited to: Firewalls (FWs), Intrusion Detection Sensors/Intrusion Prevention Sensors (IDS/IPS), Host-based Intrusion Detection System/ Host-based Intrusion Prevention System (HIDS/HIPS), proxy/web filter, vulnerability scans, routers, router Internet Protocol (IP) accounting systems (i.e., Cisco NetFlow), Virtual Private Network (VPN) gateways/concentrators, server event logs, e-mail and host anti-virus, desktop security monitoring agents, anti-virus servers, IP services (i.e. Domain Name System (DNS) Services, Dynamic Host Configuration Protocol (DHCP), network address translation devices, MDM (e.g. cellphones), Public Key Infrastructure (PKI), and cloud security infrastructure (e.g. Amazon Web Services (AWS), Azure, Oracle, Salesforce, etc.)
Education/Certification Requirements –
Clearance Requirements: Active SECRET
High school diploma
Certification(s): Security+, GCIH, CEH, or CYSA+ is desired
Experience with Splunk query language
Experience with IDS/IPS/firewall/security configurations and signature development
Experience with PCAP analysis
Experience with Tanium threat response
Ability and prior experience with analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes the identification of malicious code present within a computer sys…