Tyto Athene/MindPoint Group is searching for an experienced Security Analyst to support architecture, security operations, and incident response activities for a law enforcement customer in Washington, DC. Tasks are expected to be executed while coordinating with various government teams in mission-critical environments.
Responsibilities:
- Monitor client Managed Security Operations Center (MSOC) queue and email for tickets/requests for system support and vetting requirements (e.g. website access requests, suspicious email reporting, blocked emails, incident requests, hardware/software/mobile application requests, and vulnerability scanning)
- Determine escalation and routing of service requests to the appropriate divisional leads or another appropriate information system queue
- Support ad hoc requests to Security Team
- Assist in determining authorization boundaries and placement of new systems within the Agency’s enterprise architecture
- Perform security impact analyses for proposed changes to assigned systems
- Review IT system plans to ensure designs meet governmental standards and provide an appropriate level of protection for client systems and data
- Conduct gap analysis of system requirements and components
- Develop, document, and review secure baseline configurations for each technology used within the environment
Required:
- Minimum of four (4) years of general work experience and at least two (2) years of relevant experience in functional responsibility
- Bachelor's degree in a technical field from an accredited college/university or equivalent experience
- Experience using a SIEM for analysis
- Experience with at least one of the following: Windows Server 2012/2016/2019, Windows 10, syslog (rsyslog, syslog-ng, etc.), Linux variants (Red Hat/CentOS/Ubuntu), event log collection, VMware
- Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform a proper analysis of detections
- Strong analytical and organizational skills
- Experience working in a SOC and performing incident response is preferred
- Thorough understanding and knowledge of TCP/IP networking
Desired:
- Experience or training with cybersecurity and networking tools, including Check Point, CrowdStrike, Hybrid Analysis, MSOC portal, Proofpoint, Palo Alto, Sumo Logic, and SurePass
- Familiarity with implementing DISA STIGs and CIS Benchmarks preferred
- Experience with Splunk SIEM, Swimlane, Blue Coat, Sourcefire (Snort), VMRay, and vulnerability management tools such as Qualys
Clearance:
- US citizenship and Public Trust eligibility required
Location:
- This is a hybrid role with expectations of being on the client site a few days a week in Washington, DC