Information Systems Engineer (Senior Data Analyst, Continuous Monitoring)*
POST DATE 8/30/2016
END DATE 2/15/2017
APS-ARTI LLC (AAJV) is currently recruiting for an Information Systems Engineer (Information Systems Security Senior Data Analyst, Continuous Monitoring) in support of a contract with the Department of State at our Rosslyn, VA location. Position is full-time, exempt. Start date is immediate upon selection and security clearance processing as required. This is an 'Emergency Essential' position.
This position is located in the Bureau of Diplomatic Security, Office of Information Security, Special Security Office (DS/IS/SSO). The individual applies specialized experience and technical expertise to continuous monitoring of information systems, which involves ensuring the detection of malicious insider threat activity and providing the situational awareness necessary to track intruders compromising the security of enterprise-wide information systems and data. The requirement includes an experienced and technically qualified network security analyst to provide technical expertise for analyzing and reporting information technology security alerts. This includes consultation and leadership with the architectural design, development, deployment, support, performance, tuning, and problem analysis of ArcSight Security Event Manager for identification and determination through resolution of network security alerts in compliance with Federal standards.
PRINCIPAL DUTIES AND RESPONSIBILITIES
Duties and responsibilities include but are not limited to:
* Security alert event configuration and management; continuous monitoring of multiple security technologies such as IDS/IPS, syslog, file integrity, and vulnerability scanners; correlating and analyzing events; designing, implementing, tuning, and using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents; following operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents; testing new systems' compatibility to enable application optimizations, system monitoring and analysis; low-level programming and design of more complex features using best practices for development; and ensuring effective application across the enterprise.
* The ability to parse through event logs/files to analyze and determine if there is an incident presented in the SIEM format.
* Experience establishing or maintaining network software parameters used for insider threat analysis (for example, ArcSight security authorization tables, configuration definitions, file access tables).
* Have knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.
* Responsible for insider threat network and host continuous monitoring, traffic analysis, and intrusion detection.
* Undergraduate degree in related field and eight (8) years of insider threat continuous monitoring security experience. Higher applicable education may be substituted for experience and additional years' experience can be substituted for the undergraduate degree.
* Four years of the experience must be in data analysis, incident handling, electronic data discovery, and/or other projects related to network protections.
* Two years' experience must be in systems security to include analysis of technical information to provide threat indicators and trends.
* Any of the following certifications are preferred: ArcSight Certified Integrator/Administrator (ACIA), ArcSight Certified Security Analyst (ACSA), SANS GIAC GCIA, Intrusion Analyst Certification or Forensics Analyst Certification, Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), Microsoft Certified Systems Engineer (MCSE), Microsoft Certified Solutions Associate (MCSA), Microsoft Certified IT Professional (MCITP), Microsoft Technology Associate (MTA), CompTIA Security+.
* Must have excellent written and oral communications skills, and the ability to interact with individuals at all levels.
* Must have excellent organizational skills, and the ability to work independently and as a member of the team.
* Ability to work in a fast-paced environment to meet deadlines and handle pressure situations is a must.
Mandatory Requirement: Applicants selected for this position may be subject to a Government Security Investigation and must meet eligibility for access to classified information, Top Secret/SCI clearance level.
If you are interested in this position, please submit your resume and salary requirements. Our preferred method for receiving your resume is to apply on-line. Apply On-line at: http://www.aajv.com/careers
All qualified applicants will receive equal consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, national origin, age, disability, or protected veteran status. AAJV takes affirmative action in support of its policy to employ and advance in employment individuals who are minorities, women, protected veterans, and individuals with disabilities. AAJV is also a member of the DHS E-Verify Program.