Sr. Network Threat Specialist - TS/SCI w/Poly - Columbia, Md. - (GLO0000UF)

  • Jacobs
  • United States-Maryland-Columbia-20351-REM2
  • Jul 27, 2020
Full time Construction

Job Description

Jacobs Engineering is seeking passionate professionals skilled in the art of Cyber Security. The Senior Network Threat Specialist should be experienced with and familiar with the day to day operations of a Security Operations Center (SOC), leading forensic investigations, a wide array of CND tools, threat analysis, insider threat detection, tool & rule development, and developing reports.

The Senior Network Threat Specialist is instrumental in leading the detection and response to threats and assisting with forensic investigations. The right candidate must be capable of developing detection analytics in different tools in unique environments.

  • Manage all SOC activities, including threat analysis, detection, response and reporting, tool/rule development and tuning, forensics, and customer relations
  • Lead and manage SOC projects, including design and deployment of new SOC monitoring infrastructure, rules/alert development, and reporting
  • Develop and mentor threat analysts
  • Identify shortcomings in monitoring/detection and develop courses of action to increase network and endpoint visibility
  • Routinely review a wide array of sources for threats or vulnerabilities affecting customers' systems; report findings and recommend remediation actions
  • Provide in-depth, comprehensive reports in response to incidents and forensic investigations; must be comfortable briefing executive-level leadership on incidents and investigations
  • Work cohesively as part of an Incident Response Team to quickly resolve incidents
  • Ensure day-to-day activities such as system checks, alert analysis/remediation, and response to evolving vulnerabilities are completed
  • Serve as a voting member in the configuration management process; must have a solid understanding of IT systems and the impact changes have on system security and monitoring
  • Perform threat hunting, traffic and log analysis, and correlation

Qualifications

Experience and Education:

  • TS/SCI with polygraph required
  • Bachelor's degree in cybersecurity or a related field
  • 5+ years' experience in SOC operations/threat analysis
  • 2+ years' experience as a supervisor
  • Ability to lead a small team in threat hunting and incident response
  • IAT Level III (DoD 8570) certification required: CISSP or similar
  • One or more related cyber security certifications (GSEC, GCIA, GCIH)

Desired Skills:

  • In-depth knowledge of and experience with a wide array of analysis and SIEM tools, including Splunk, Splunk UBA, Exabeam, Snort, Zeek, tcpdump, Wireshark, etc.; the candidate should have knowledge of and experience with designing and deploying these tools in a production environment
  • Experience with rule creation and tuning in tools such as Splunk, Snort, and Zeek
  • Familiarity with writing regular expressions and scripting
  • Experience with DFIR tools such as FTK, EnCase, and Autopsy, and with memory forensics
  • Familiarity with AWS, Azure, and Google Cloud, and experience monitoring cloud environments
  • Skilled in report writing and briefing a wide audience
  • In-depth knowledge of a wide array of IT systems, including network protocols and services, Windows systems, *nix systems, VMware, etc.
  • Ability to review and assess customer-developed software and the impact it will have on the organization

Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Learn more about your rights under Federal EEO laws and supplemental language.

Primary Location: United States-Maryland-Columbia-20351-REM2

Travel: Yes, 10% of the time

Job Posting: Jul 23, 2020, 1:46:59 AM

Job: Software

Organization: CMS

Job Type: Standard

Job Classification: Full-Time Regular

Work Locations: 20351-REM2, Columbia 21045

Capabilities: Cyber Security