Catapult Consultants is now hiring Network Security Specialists (multiple levels). The Network Security Specialist monitors, evaluates, analyzes, documents and/or reports vulnerabilities/anomalies in network event data, signature-based IDS events and full packet capture (PCAP) data. Conducts analysis using SNORT software. Responsibilities and qualifications may change based on level.
Requirements that candidates will be evaluated against:
- Technical analysis of network activity; the analyst monitors and evaluates network event data, signature-based IDS events and full packet capture (PCAP) data.
- Triage IDS alerts; collect related data from various network analysis systems, review available open and closed source information on related threats & vulnerabilities, prepare initial summary reports.
- Analyze network flow data for anomalies and to correlate reporting with enterprise-wide network activity.
- Document key event details and analytic findings in an incident management system.
- Provide oversight and assessment of incident response and triage actions across a large enterprise.
- Identify & extract network indicators from incident reporting and published technical advisories/bulletins.
- Perform incident correlation & escalation.
- Recommend new IDS signatures and detection strategies.
- Produce final reports and review incident reports from other analysts.
- Assess cyber indicators/observables and collaborate in the development of IDS signatures and detection mechanisms.
- Provide technical assessments of cyber threats and vulnerabilities.
- Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise.
- Develop, maintain and update standard operating procedures.
- Provide routine status updates for ongoing projects, trouble tickets, incidents, and other related tasks.
- Research and evaluate emerging capabilities.
- Ensure that all alerts are monitored, interpreted, analyzed, and investigated.
- Utilize external reporting tools for threat intelligence.
- Monitor all security-relevant logs and alerts for signs of compromise, attack, or system misuse and policy violations.
- Innovate new methods to use existing tools and data sources, and identify and obtain new data sources, to detect cyber intrusions.
Preferred Qualifications or Skills:
- Bachelor’s degree.
- Active Top Secret Security Clearance with ability to obtain a DHS SCI, as well as obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
- Experience in planning and/or directing projects/operations in a 24x7 SOC.
- Experience providing metrics and reports from a SIEM.
- Demonstrated proficient knowledge of industry standards and best practices within Intrusion Detection.
- Experience with researching and fielding new and innovative technology.
- Experience managing IT systems.
- DODD 8570 Level II certification (SANS certifications, CISSP).
- Experience leading and managing within SOC/NOC operations.
- Familiarity with Kill Chain for incident response.
- Familiarity with malware analysis.
- Familiarity with forensics.
- Familiarity with incident response products and best practices.
- Experience with database (e.g. MS Access, SQL) and/or portal administration (e.g. SharePoint).
- Customer service experience.
- While performing the duties of this job the employee is regularly required to sit and use hands to finger, handle, or feel while typing at a computer keyboard.
- The employee is occasionally required to stand, walk, reach, or lift objects up to 10 pounds.
- The employee is frequently required to talk or hear. The vision requirements include: close vision.
Catapult Consultants is an Equal Opportunity Employer. We believe that every employee has the right to work in a dignified work environment free from all forms of discrimination and harassment. It’s our policy to recruit, employ, retain, compensate, train, promote, discipline, terminate and otherwise treat all employees and job applicants based solely on qualifications, performance, and competence. This policy reflects our belief that providing equal opportunities for all employees is both our legal and moral responsibility, and good management practice.
All employees and applicants are treated without regard to age, sex, color, religion, race, national origin, citizenship, veteran status, current or future military status, sexual orientation, gender identification, marital or familial status, disability or any other status protected by law.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.