Information Security Monitoring & Detection Lead

Information Security

INFORMATION SECURITY MONITORING & DETECTION LEAD 

Mountain View, CA

EXP 7-10 yrs

DEG Bach

Job Description.

Our company has been awarded a five year, $400 million dollar contract to provide comprehensive IT services to NASA Ames Research Center located in Mountain View, CA.

From cloud computing & network/information security to systems administration and technology development, we are encouraging talented IT & Software professionals to explore the vast opportunities available on this NASA contract.

We are seeking an experienced Information Security Monitoring & Detection Lead to supervise cyber security staff in NASA’s Security Operations Center (SOC). Join our growing team in supporting NASA's SOC at Ames Research Center in Mountain View, CA. US Citizenship is required as this position will have to obtain a US government security clearance.

Responsibilities

• Supervise the team that monitors Agency systems for incidents and malicious activity in NASA’s 24/7/365 Security Operations Center (SOC)

• Provide technical guidance and leadership for the analysis of security events and identification of relevant incidents

• Develop and maintain the SOC Analyst training and certification program

• Update and maintain the SOC Analyst runbook, processes, and procedures

• Manage SOC Analyst schedules

• Generate high quality reports

• Coordinate with both Tier 1 and Tier 3 teams while providing incident handling and response support for the agency

• Contribute to SOC projects, process improvement and development of new capabilities

Requirements (Education, Skills & Abilities)

• BS degree in relevant field/technology or equivalent years of experience

• 7+ years of progressive experience with increasing responsibilities within a Security Operations environment

• Experience managing staff in a technical operations center environment (NOC, SOC)

• Experience developing and documenting operational procedures

• Experience training operations staff for continuous improvement

• Experience generating security metrics and reports

• Excellent communication, writing and interpersonal skills

• Broad information security knowledge, including familiarity with common attack methodologies, tactics and protocols, Advance Persistent Threat groups and Hacker activity 

• Significant experience in network intrusion detection, including experience using common network monitoring tools - IDS, IPS, SIEM and Syslog

• Experience with packet capture analysis and common network forensics and analysis tools - Wireshark, Kali, Netcat, TCPDump and NMAP

• Experience reviewing and analyzing large amounts of raw log data (firewall, network flows, IDS, system logs)

• Familiarity with incident management procedures

• Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols

• Knowledge of common network based services and common client/server applications

• Familiarity in a command line environment in all operating systems

• Excellent problem solving and analytical skills

• Ability to obtain a government clearance (US Citizenship is required)

Desired Skills

• Experience managing staff in a mission critical security operations center, preferably 24x7

• Experience with enterprise level security incident event management tools such as ArcSight, Splunk, or QRadar

• Experience analyzing phishing attacks

• Scripting (Python, Perl or Shell)

• CISSP, CEH, GIAC, OSCP are desired certifications

All your information will be kept confidential according to EEO guidelines.

Direct Staffing Inc