Information Technology Security Operations Analyst (13:BC-D11-015) Lexington, Massachusetts
Solidus is searching for an Information Technology Security Operations Analyst to be responsible for the day-to-day operations of the enterprise security information systems and infrastructure to provide superior protection to information assets.
Responsibilities to include:
1. 50% Duties include, but are not limited to, system troubleshooting, vendor coordination, and OS patching and updating. Ensure all devices are under configuration management, receive signature updates, and maintain operational readiness. Monitor performance metrics and log data for continuous improvement and tuning to match current threats.
2. 20% Engineering duties include: Assist in evaluating potential security software, tools, or devices. Assist in testing new network security systems and changes to existing network security devices. Develop, publish, and maintain system documentation (e.g. Requirements, Design/Build, Testing, and SOP) according to department standards.
3. 15% Must maintain a high degree of knowledge of the latest threats, techniques, and technologies used to exploit and, conversely, defend information systems. Participate in external cyber security working groups (e.g. FFRDC). Proactively identify patterns within device and server logs, based on research, to identify systems of interest or mitigate future risk to systems.
4. 15% Assist with threat assessment activities to determine the level of threat and the action to be performed on the system of interest (e.g. through analysis of logs). Identify ways to mitigate future risk.
- US citizenship and the ability to obtain a DoD Secret Clearance
- BS Computer Science, Information Technologies, Engineering or equivalent experience
- 5+ years of overall IT experience
- 3+ years' experience in IT Security roles (Infrastructure & Operations Security, Privacy & Data Protection, Security Management & Operations, Vulnerability Management, Firewall or Intrusion Prevention Operations, Configuration Auditing, Digital Forensics and Investigation)
- Must have experience in management, configuration, tuning, and support of security infrastructure systems (e.g. Intrusion Prevention Systems, Anti-Virus, Web Proxy Systems, Full Packet Capture, Online and Offline Malware Analysis Systems, and SIEM platforms).
- Knowledge of standard log formats for infrastructure devices including proxies, mail services, identity management systems, firewalls, and other network devices.
- Proven ability to script in Perl or Python.
- Experience managing enterprise log management platforms.
- Experience managing and/or administering IDS/IPS systems, Firewalls, Web Proxy and full packet capture systems.
- Excellent written and oral communication skills.
- Demonstrated ability to work in a fast-paced environment at times with minimal supervision and execute operations, project and administrative tasks with a high degree of quality, while following existing processes and establishing new operational procedures and best practices where necessary.
- Demonstrated ability to work with members of other teams and staff to achieve department and organizational goals.
- Strong understanding of network routing and switching and TCP/IP.
- Strong working knowledge of the Linux operating system.
- Good understanding of the Windows operating system (desktop and server).
- CompTIA Security+, GIAC GCIH, or equivalent certification is preferred.
- 1+ years' experience with enterprise security log and incident management systems.
- Occasional off-hour/on-call support is necessary.
- Flexibility of schedule is required, as some work (planned/unplanned) must be done outside of major production hours during pre-scheduled maintenance windows.
Applicants selected must meet eligibility requirements for access to classified information. U.S. Citizenship may be required. Solidus is an Affirmative Action and Equal Opportunity Employer.