Network Threat Specialist

Company: Jacobs
Location: Columbia
Posted on: April 10, 2021

Job Description:

Critical Mission Solutions Your mission is our mission. We're invested in you and your success. Everything we do - whether Aerospace, Defense, Intelligence, Information Technology, Cybersecurity, Nuclear, Automotive, or Telecommunications - is more than just a project. It's our challenge as human beings, too. That's why we bring a thoughtful and collaborative approach to every one of our partnerships. It's our promise to challenge the status quo as we redefine how to solve the world's greatest challenges, and transform big ideas into intelligent solutions for a more connected, sustainable world. Design your career with a company that inspires and empowers you to deliver your best work so you can evolve, grow and succeed today and into tomorrow. Your Impact: Jacobs is seeking passionate professionals skilled in the art of Cyber Security. Analysts should be familiar with many different CND tools and capabilities. Analysts are instrumental in detecting, responding to threats, and assisting with forensic investigations. You must be capable of developing detection analytics in different tools. Are you looking for a fast paced environment filled with exciting challenges? Are you looking for a job that allows for growth in many skill sets? This is it! Delivering Critical Mission Solutions for a More Connected, Sustainable World. Jacobs Cyber offers the most advanced, integrated approach to cybersecurity which includes offensive cyberspace operations (OCO), defensive cyberspace operations (DCO) and cyber mission training and exercises. Our Cyber organization has an exciting opportunity for a motivated team member interested in joining elite cyber professionals conducting research and development for organizations such as the DoD, DARPA, and the intelligence community. Our C5ISR organization is comprised of cyber professionals expert in cryptography, cyber analysts, and cyber engineering. #corpli Heres What Youll Need: Responsibilities Include: --- Reports to SOC Team Lead--- Develop threat analytics to aid in detection of emerging threats--- Incident Response Team Member Assist with findings, remediation, and review of events--- Daily checks for CTOC services--- Research on emerging threats using open source data sets--- Splunk Analysis--- Review and Analyze Alerts (Close alerts with speed and efficiency)--- Conduct Threat Hunting when no open alerts are available--- Create data correlations and alerts based on discovered activity--- Review elevated alerts from Jr Network Threat Support Specialists (JNTSS) Tier 1--- Elevate Critical alerts for tier 3 analysis--- Bro Analysis--- Custom Rule Sets Testing and Creation--- Review and analyze alerts--- Review Bro logs for anomalous activity in support of hunting activity--- Snort Analysis--- Testing and review of rules to ensure proper execution against network traffic--- Review and analyze Alerts--- Packet Analysis--- Deep packet inspection in support of hunting activity--- Exercise Execution--- Participate in RED/BLUE exercises and report after action recommendations to Team Lead Desired Skills: --- Familiar with network terminology and protocol behavior--- Familiar with open source CND tools (Bro, Snort, ELK, Moloch)--- Familiar with rule creation based on signature and behaviors--- Familiar with Encase, FTK or other forensic suites--- Familiar with memory forensics--- Familiar with scripting and automation tools and techniques--- Familiar with AWS, Azure, Google Cloud function and networking--- Skilled in *Nix, Windows--- Skilled in Analysis--- Skilled in report writing and briefing senior staff Experience and Education: --- Required active TS/SCI clearance.--- 3+ years of experience in analysis in SOCs or similar Computer Network Defense (CND) capacity (or comparable skills)--- 5+ years of experience in supporting clients in IT Security, Cyber Security or Information Security--- At least experienced in one or more of the following tools: Bro, Snort, Splunk or similar SIEM--- Required: IAT Level II DOD 8410 valid certification--- Preferred: CSSP Analyst or CSSP Incident Responder DOD 8140 valid certification Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Learn more about your rights under Federal EEO laws (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) and supplemental language (https://www1.eeoc.gov/employers/upload/eeoc_gina_supplement.pdf) . At Jacobs, were challenging today to reinvent tomorrow by solving the worlds most critical problems for thriving cities, resilient environments, mission-critical outcomes, operational advancement, scientific discovery and cutting-edge manufacturing, turning abstract ideas into realities that transform the world for good. With $13 billion in revenue and a talent force of more than 55,000, Jacobs provides a full spectrum of professional services including consulting, technical, scientific and project delivery for the government and private sector.

Keywords: Jacobs, Baltimore , Network Threat Specialist, Other , Columbia, Maryland