Cyber Analyst - intrusion detection and content creation/tuning.

Employment Type: Full-Time


: Advertising/Marketing/Public Relations

Job Description

BAE Systems Global Security Operations Center has a job opening for a senior analyst located in Reston, VA. This position will focus on intrusion detection and content creation/tuning.

Technical requirements:

  • Incident Response experience
  • IDS monitoring/analysis and content creation with tools including Snort and Yara
  • Must be able to read and write Snort signatures at an intermediate/advanced level
  • Must be able to read and write Yara signatures at an intermediate/advanced level
  • Must be able to read and write Regex at an intermediate/advanced level
  • Experience with targeted cyber attack analysis
  • In-depth knowledge of HTTP and headers, SMTP and headers, FTP, SSH, TLS
  • Ability to read and interpret PCAP data both in a GUI and in hexdump format
  • Intermediate experience with Wireshark
  • Intermediate experience with tcpdump
  • Ability to review and interpret host-based alerting
  • Scripting experience with Python or similar preferred
  • In-depth understanding of network security devices/appliances and their operation
  • Working understanding of the Lockheed Martin Cyber Kill Chain®
  • Experience with SIEM platforms (ArcSight), including content creation (channels, rules, reports), preferred
  • Ability to perform both static and dynamic malware analysis at a basic level preferred
  • Experience with content creation in Endpoint Tools (e.g. McAfee AV, FireEye HX) preferred
  • Eligibility to obtain/maintain a security clearance

Required Skills and Education:

  • Snort
  • Yara
  • SIEM
  • Web Application Firewall
  • Incident Response
  • Intrusion Analysis

Preferred Skills and Education:

  • Python/Perl/PowerShell Scripting
  • CompTIA Network+
