Overview

Security Analyst Jobs in Fort Bragg, California, USA at Ampcus Inc

Title: Security Analyst

Company: Ampcus Inc

Location: Fort Bragg, California, USA

Type: Per diem

Category: Security (Cybersecurity, Network Security)

Your primary responsibility is to ensure GNOSC (Government Network Operations and Security Center) customers receive professional service and prompt response to their needs. You will support 24×7 floor operations: working Incident Management tickets, responding to trouble calls/emails from customers, and performing security analytics of network traffic. Work will be required on all shifts (1st, 2nd and 3rd), weekdays, weekends, evenings, and holidays as needed.

Security incident handling involves investigating issues to determine if there is a real security incident or a false positive, notifying customers as needed, and sending customers standardized emails specifying the steps they need to take to fix the problems. You are often the first to see an issue, or the issue may have been escalated from another team/management.

Device and health monitoring involves troubleshooting network connectivity problems concerning managed security devices, often working with Advanced Support Team engineers and/or vendors/partner technology teams on device replacement/reconfiguration.

Respond to security threats raised through the correlation and analysis of security events from sources such as firewalls, IDS/IPS devices, packet captures, and security logs, including blocking IP addresses at the perimeter firewalls with near real-time response.

Interpret and explain PCAP data and firewall logs.

Work with a USARC customer to assess network changes for vulnerabilities. Address incidents/scenarios dealing with PII, information spills, and stolen assets. Address insider threats, malware, and policy violations following USARC policy.

Perform security analytics of network traffic and provide incident response using the following tools/appliances:

Payload analysis (packet analysis)

Health/alert monitoring (HM/AM)

Splunk

Cisco Client

Blue Coat

Firepower

Minimum Qualifications:

Security event analysis; experience dealing with customer service requests.

Experience with Cisco Client, Splunk, Cisco ASA, packet capture/payload analysis, Blue Coat.

Additional vendor technology experience a plus.

3-5 years’ experience in a Security Operations Center.

Must be flexible to work in a 7 X 24 environment across all shifts including weekends and holidays.

CompTIA Security+ CE, CASP, CEH, or CCNA Security certification REQUIRED.

Active technical certifications in the Security field:
Certified Incident Handler, CCNA Cyber Ops, Splunk.

College degree (two or four year).

Knowledge of ITIL and/or previous work in an ISO operating environment.
