SRA International, Inc., A CSRA Company Cyber Security Associate in Washington, District Of Columbia
Clearance Level Must Currently Possess:
No Active Clearance Required
Clearance Level Must Be Able to Obtain:
No Active Clearance Required
Help support the Government Accountability Office in its mission to save all US taxpayers money. Our customer is passionate about their mission and we are tasked with keeping their IT services running smoothly, to help them achieve their goals. The auditors in this 4000-user community are subject area experts in all facets of government and industry best practices. We take great pride in supporting their wide scope of technology needs.
Our core hours are from 6 am to 7 pm EST. On-call duty covers after hours and weekends and rotates among all engineers. Currently that amounts to being on call at least 1 weekend every 6 weeks.
You will assess and evaluate current network computing infrastructure; design, document, test and implement network services and devices, develop and maintain prescribed procedures to be followed routinely in the form of standard operating procedures.
The team is seeking flexible, utility players to support throughout the Network. This may include Security, the Information Management Center, etc. US Citizen or Permanent Resident is required per Government Customer.
The successful candidate must be well-versed in security operations, cyber security tools and intrusion detection. You will be responsible for coordinating resources across the GAO enterprise and consolidating log data into a centralized repository (LogRhythm/Splunk) where it will be correlated, analyzed and enriched by other threat analysts to identify Indicators of Compromise (IOCs), Advanced Persistent Threat (APT) and other unauthorized activities on the VA network.
Provide proactive event monitoring/event management/configuration of the following security tools for targeted threats and malicious activity including but not limited to: Splunk, Palo Alto Networks, McAfee ePO, Websense and FireEye.
Determine if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation and notify team lead or designate within 15 minutes
Review audit logs and identify any unusual or suspect behavior
Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
Develop and execute custom scripts to identify host-based indicators of compromise
Provide advanced technical capabilities to senior leadership, including Big Data Analytics, and Predictive Intelligence
Provide proactive APT hunting, incident response support, and advanced analytic capabilities
Profile and track APT actors that pose a threat to the organization in coordination with threat intelligence support teams
Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH)
Proactively monitor SOC provided tools.
Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises. Handle incident escalations as necessary from other analysts. Manage incident responses and coordinate remediation with customers.
3+ years working in an Enterprise-level IT security department
Proficient using PCAP
U.S. citizens/Green card ONLY due to government or federal contract requirement.
3+ years security-related tools experience, e.g. McAfee ePolicy Orchestrator (ePO), Symantec Endpoint Protection (SEP) and FireEye NX and HX.
Knowledge of threat detection and analysis protocols.
Must be able to collaborate in a team atmosphere and communicate through various technology channels with other team members and end users.
Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent written and oral communications.
DESIRED QUALIFICATIONS: BS or equivalent + 3 years related experience.
# of Openings:
Scheduled Weekly Hours:
Telecommuting Options:
Telecommuting Not Allowed
USA DC Washington - 441 G St NW (DCC003)
Additional Work Locations:
CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
THINK NEXT. NOW.
CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.
We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.
Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.
We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.