Description of Task to be Performed: AnaVation is seeking an Incident Response/Security Analyst (Temporary Role) to help our mission-critical customer in Washington, DC. Responsibilities:
|
Required Qualificaitons:
- Bachelor's degree in a related field or equivalent demonstrated experience and knowledge.
- 4 years’ experience as a Security Administrator.
- Hands-on experience conducting incident response activities and vulnerability analysis of various systems, applications, security tools, databases, and networks logs.
- Performing vulnerability scans with tools such as Tenable.
- Experience with Crowdstrike, TenableSC, Splunk. (Experience with comparable tools may be considered).
- Experience with NIST SP 800-61 rev2 Computer Security Incident Handling Guide.
- Excellent oral and written communication skills.
- Familiarity with multi-tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS) and the exploitation mechanisms of common vulnerability types (e.g., buffer overflows, cross-site-scripting, SQL injection).
- Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections.
- Ability to use common tools such as Wireshark to examine network traffic.
- Ability to obtain and maintain a Top Secret clearance. Qualified candidates must already have an adjudicated Secret Clearance or higher to be considered for this role.
- Certifications: Security + required.
Desired Qualifications:
- Self-Starter – ability to quickly become competent with new security-related tools and processes.
- Ability to conduct Deep Dive analysis to determine root cause assessment of various network scanning agents’ scanning or communication failures.
- Ability to coordinate remediation strategies with agency’s department technical staff through completion.
- Familiarity with the various use cases and alignment of data from each tool to various security disciplines in configuration management, vulnerability management, risk management and incident management.
- Familiarity with encryption technologies used in commercial operating systems, including Public Key Infrastructures, symmetric and asymmetric cryptography, certificate trust stores and the use of key escrow for discovery and legal purpose.
- Understanding of the role of interactive training such as phishing exercises for assessment of organizational abilities.
- Familiarity with the use of data analysis tools, including the use of Microsoft Excel or PowerBI to combine data from multiple sources.
- Familiarity with information security terminology and being able to develop or select technical training in the discipline of information security geared to an organization.
- Familiarity with data management and reporting of training data and statistics using common tools such as Microsoft Excel and Word.
- Generous cost sharing for medical insurance for the employee and dependents
- 100% company paid dental insurance for employees and dependents
- 100% company paid long-term and short-term disability insurance
- 100% company paid vision insurance for employees and dependents
- 401k plan with generous match and 100% immediate vesting
- Competitive Pay
- Generous paid leave and holiday package
- Tuition and training reimbursement
- Life and AD&D Insurance