Share Email Opening
Title

Security Operations Analyst 

EOE StatementWe are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.
 
Req Number KTS18-0044  
Category Information Technology  
Division Koniag Technology Solutions, Inc.  
Location KTS Baltimore  
Description

Koniag Technology Solutions (KTS) is looking an experienced Security Operations Analyst to join our team. This is a direct, full-time position with our company working at our customer’s site. The schedule is Saturday-Wednesday, 8am-4:30pm, to include a 1/2 hr. non-billable meal break. Occasional rotational weekend and/or holiday coverage may be required.

We offer competitive compensation and a comprehensive benefits package including health, dental and vision insurance; 401K; flexible spending accounts; paid holidays and a PTO program, and more.

Must be able to obtain and maintain a client-sponsored HSPD-12 suitability clearance.

Our client employs an intrusion detection solution which is managed in-house. It is a distributed system that consists of strategically placed sensors reporting alerts to a management console. Further analysis and data correlation is performed at centralized data locations. The Intrusion Protection Team (IPT) protects the agency's critical assets by anticipating and leading the response to computer-related threats and vulnerabilities. The goal is to ensure that the client has suitable processes in place to identify inappropriate network behavior within the agency’s Enterprise Network. Network-based intrusion detection furnishes the ability to proactively identify threats. Staff dedicated to this effort provides the continuity of effectiveness necessary for the client to respond to advanced threats and adapt to network changes initiated by other systems components. Correlating events with data collected from other IPT initiatives substantiates a more complete analysis of current network stability against threats.

Essential Duties and Responsibilities

  • Monitor/enforce compliance with documented and distributed agency system security standards
  • Maintain signatures on the Intrusion Detections Systems (IDS) infrastructure and respond to alerts that the sensors generate; assist in the evaluation process if modifications to the encompassing IDS solution are needed
  • Monitor the IDS console for active alerts and determine priority of response. Alerts deemed critical by the client's Activity Manager require that the contractor open a ticket and report the traffic causing the alert to the client's management.
  • Review all incoming IDS alerts and document all identified problems.
  • Analyze all levels of problems and document findings in accordance with the client's procedures.
  • Identify and escalate high-priority problems (problems that may harm the client's systems) to the client's management.
  • Assist with intrusion detection strategies as new systems or network design changes are implemented.
  • Review new technologies and make recommendations pertaining to the current IDS deployment.
  • Identify areas where coverage could be implemented or improved.
  • Provide high-level engineering support remotely in HQ as well as the Remote Operations Communications Centers.
  • Monitor problem ticket queue and reassign problem tickets to the responsible components, if needed.
  • Identify newly discovered vulnerabilities and exploits; apply new intrusion detection signatures as directed by the client's Activity Manager; create custom signatures when needed.
  • Install updates of new signatures.
  • Document newly discovered vulnerabilities and updates in order to show accuracy of and turnaround for detection.
  • Diagnose and provide remediation suggestions to higher level technicians who are on-call 24 hours per day.


In addition, the contractor will provide continued support in the following areas:

  • Review daily log data gathered from various sources, such as sensors alert logs, firewall logs, content filtering logs.
  • Identify possible intrusion attempts or other anomalies.
  • Filter non-threatening network traffic for enhanced reporting accuracy.
  • Manage problem resolution process from initial reporting to resolution.
  • Make determinations of operational impact of a particular threat on agency systems.
  • Recommend immediate corrective actions to higher level network engineers.
  • Assist with remediation, if requested.
  • Respond to new threats; may be required to initiate and assist in drafting remediation strategies.
  • Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems.
 
Position Requirements

Education, Experience and Skills

2-3 years previous experience preferred

  • Mid- to senior-level experience in the following:
    • Monitoring Intrusion Detections Systems (IDS) console for active alerts and determining priority of response
    • Performing preliminary analysis of collected data
  • Active skills in remaining up-to-date on IDS-related technologies, along with an awareness of security-related vulnerabilities and exploits.
  • Experience creating custom intrusion signatures to detect specific network traffic anomalies; requires comprehension of and experience with most viruses and worms which may infiltrate and propagate throughout a large network.
  • Experience populating sensors with newly available signatures when responding to events or management requests.
  • Superlative oral and written presentation skills.
  • Must possess a working knowledge of IDS and the role such systems play in detecting intrusion attempts.
  • Must have a working knowledge of the majority of the skills and technologies annotated above, and must be able to learn, with provided training, those skills and technologies in which he/she lacks the requisite experience.
  • Contractor may be required to report for duty during periods of inclement weather or other emergency situations -- the contractor may be asked to report to an alternate location.

Working Environment & Conditions

This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand; walk; sit; use hands to manipulate, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The work load may require the incumbent to sit for extended periods of time. The incumbent must be able to read, perform simple math calculations and withstand moderate amounts of stress. The duties frequently require lifting or manipulating up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at accommodations@koniag.com or by calling 703-488-9377 to request accommodations. This contact information is used for accommodation requests only and cannot be used to inquire on a status of your application.

 
Travel Requirements Local  
Security Clearance Must be able to obtain and maintain HSPD-12 Suitability  
About our Company

Offering innovative and cutting-edge IT solutions, Koniag Technology Solutions is uniquely positioned in the federal marketplace. An ANC program combined with the full corporate support of Koniag Inc.’s Government Services Sector, KTS is backed by a full range of industry partners. Innovative technology, highly qualified professionals and proven processes are the hallmarks of KTS. We pride ourselves on delivering exceptional service to our clients and maintaining a supportive environment for team members and partners.

 

Our Equal Opportunity Policy EOE Minorities/Female/Protected Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352  

This position is currently not accepting applications.

To search for an open position, please go to http://koniagsubsidiaries.appone.com/




 


 
Click here for technical assistance.