Job ID: VA-758735 (910890307)
Hybrid/Local Security Analyst (CISSP/CISM 15+) with SIEM, Splunk/Trellix, Network and SOC experience
Location: Richmond, VA (SCC)
Duration: 12 Months
Position: 1(2)
Number of days required on-site: 2 days: Tuesday and Wednesday REQUIRED each week (with rest of the team). Parking is NOT provided for contractors.
Interviews: Mgr will do initial web based IV but reserves the option to do a follow up IN PERSON interview if they deem necessary.
Skills:
Current exp as a Cyber Security Lead or Manager of projects Required 3 Years
Analyzing data across an organization to be able to recreate incident or other events Required 7 Years
Experience overseeing the daily workflow, schedules and assignments of security staff Required 5 Years
Leadership: Uphold integrity, leadership and performance standards as a lead, supervisor or director Required 5 Years
Experience overseeing security siem operations, including creating baselines Required 5 Years
Experience correlating data to triggers to respond/investigate Required 7 Years
Performs routine analysis of traffic, events and log review to ensure baseline is accurate as well identifying any anomalies. Required 7 Years
Experience with using a SIEM (like Splunk or Trellix) Required 5 Years
Experience managing an on-premise SOC (Security Operations Center) Desired
Experience with network and architecture design Desired
CISSP OR CISM preferred Desired
Description:
ABOUT THE ROLE
Lead cybersecurity engineer to help the CIO plan and implement key initiatives as well as manage vulnerabilities and security operations and incidents across the IT team, including responding to threats, ensuring compliance and managing threats with ITD and IS professionals.
Overseeing the day-to-day management of security activities in partnership with IS and IT, including regular reporting to the CIO. This includes daily monitoring of events, logs and/or anomalies with IS and IT staff. Help in managing future architecture designs of networks, applications and environments to ensure data captured is sufficient to help monitor security.
Security Operations Center (SOC) – Security monitoring tool and staff to manage it.
CISSP or CISM would be nice but not mandatory.