INFORMATION SECURITY MONITORING & DETECTION LEAD
- Recruiter
- Direct Staffing Inc
- Location
- Mountain View
- Salary
- Competitive
- Posted
- 25 Sep 2024
- Closes
- 23 Oct 2024
- Job Type
- Information Security
- Employer Sector
- Technology, IT & Telecoms
- Contract Type
- Permanent
- Hours
- Full Time
INFORMATION SECURITY MONITORING & DETECTION LEAD
- Full–time
Information Security
Mountain View, CA
EXP 7–10 yrs
DEG Bach
Job Description:
Our company has been awarded a five year, $400 million dollar contract to provide comprehensive IT services to NASA Ames Research Center located in Mountain View, CA. We are seeking an experienced Information Security Monitoring & Detection Lead to supervise cyber security staff in NASA's Security Operations Center (SOC). US Citizenship is required as this position will have to obtain a US government security clearance.
Responsibilities:
- Supervise the team that monitors Agency systems for incidents and malicious activity in NASA's 24/7/365 Security Operations Center (SOC).
- Provide technical guidance and leadership for the analysis of security events and identification of relevant incidents.
- Develop and maintain the SOC Analyst training and certification program.
- Update and maintain the SOC Analyst runbook, processes, and procedures.
- Generate high quality reports.
- Coordinate with both Tier 1 and Tier 3 teams while providing incident handling and response support for the agency.
- Contribute to SOC projects, process improvement and development of new capabilities.
Requirements (Education, Skills & Abilities):
- BS degree in relevant field/technology or equivalent years of experience.
- 7+ years of progressive experience with increasing responsibilities within a Security Operations environment.
- Experience managing staff in a technical operations center environment (NOC, SOC).
- Experience developing and documenting operational procedures.
- Experience training operations staff for continuous improvement.
- Experience generating security metrics and reports.
- Excellent communication, writing and interpersonal skills.
- Broad information security knowledge, including familiarity with common attack methodologies, tactics and protocols, Advanced Persistent Threat groups and Hacker activity.
- Significant experience in network intrusion detection, including experience using common network monitoring tools – IDS, IPS, SIEM and Syslog.
- Experience with packet capture analysis and common network forensics and analysis tools – Wireshark, Kali, Netcat, TCPDump and NMAP.
- Experience reviewing and analyzing large amounts of raw log data (firewall, network flows, IDS, system logs).
- Familiarity with incident management procedures.
- Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols.
- Knowledge of common network based services and common client/server applications.
- Familiarity in a command line environment in all operating systems.
- Excellent problem solving and analytical skills.
- Ability to obtain a government clearance (US Citizenship is required).
Desired Skills:
- Experience managing staff in a mission critical security operations center, preferably 24x7.
- Experience with enterprise level security incident event management tools such as ArcSight, Splunk, or QRadar.
- Experience analyzing phishing attacks.
- CISSP, CEH, GIAC, OSCP are desired certifications.
All your information will be kept confidential according to EEO guidelines.