Cyber Analyst - intrusion detection and content creation/tuning.
Employment Type: Full-Time
Industry: Advertising/Marketing/Public Relations
BAE Systems Global Security Operations Center has a job opening for a senior analyst located in Reston, VA. This position will focus on intrusion detection and content creation/tuning.
Technical requirements:
- Incident Response experience
- IDS monitoring/analysis and content creation with tools including Snort and Yara
- Must be able to read and write Snort signatures at an intermediate/advanced level
- Must be able to read and write Yara signatures at an intermediate/advanced level
- Must be able to read and write Regex at an intermediate/advanced level
- Experience with targeted cyber attack analysis
- In-depth knowledge of HTTP and headers, SMTP and headers, FTP, SSH, TLS
- Ability to read and interpret PCAP data both in a GUI and in hexdump format
- Intermediate experience with Wireshark
- Intermediate experience with tcpdump
- Ability to review and interpret host-based alerting
- Scripting experience with Python or similar preferred
- In-depth understanding of network security devices/appliances and their operation
- Working understanding of the Lockheed Martin Cyber Kill Chain®
- Experience with SIEM platforms (ArcSight) – including content creation (channels, rules, reports) preferred
- Ability to perform both static and dynamic malware analysis at a basic level preferred
- Experience with content creation in Endpoint Tools (e.g. McAfee AV, FireEye HX) preferred
- Eligibility to obtain/maintain a security clearance

Required Skills and Education
- Snort
- Yara
- SIEM
- Web Application Firewall
- Incident Response
- Intrusion Analysis

Preferred Skills and Education
- Python/Perl/PowerShell Scripting
- CompTIA Network+
- CCENT/CCNA
- OSCP/OSCE
- GCIH/GPEN/GCFA/GCFE/GWAPT