Share Email Opening
Title

Security Operations Analyst 

EOE StatementWe are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
 
Req Number KTS19-0106  
Category Information Technology  
Division Koniag Technology Solutions, Inc.  
Location KTS Baltimore, MD  
Description

Koniag Technology Solutions is immediately hiring a Security Operations Analyst to work at our customer site in Baltimore, MD. This is a direct, full-time position with our company. The hours are Monday-Friday, 2:30PM-11PM, to include a ½-hr., non-billable meal break. This position is considered Essential/Mission Critical. Employees who are designated Essential/Mission Critical are expected to report to work on time and/or remain at work despite late reporting, early dismissal or closure due to weather conditions.

We offer a competitive compensation and benefits package including health, dental and vision insurance, 401K, flexible spending accounts, paid holidays, and a PTO program.

Must be able to obtain and maintain a client-sponsored HSPD-12 Suitability

The successful candidate will be responsible for monitoring and enforcing compliance with documented and distributed agency system security standards. The Intrusion Protection Team (IPT) protects critical agency assets by anticipating and leading the response to potential computer-related threats and vulnerabilities. The objective of the IPT is to ensure that the client has suitable processes in place to properly identify inappropriate network behavior within the agency’s Enterprise Network. The candidate must have mid- to senior-level experience with the following functions:

  • Monitoring Intrusion Detections Systems (IDS) console for active alerts and determining priority of response
  • Performing preliminary analysis of collected data.

Must possess active skills in remaining up-to-date on IDS-related technologies and an awareness of security-related vulnerabilities and exploits.

Duties and Responsibilities

The client employs an in-house managed intrusion detection solution. This solution is a distributed system that consists of strategically placed sensors reporting alerts back to a management console. Further analysis and data correlation is performed at centralized data locations. The IPT protects the agency's critical assets by anticipating and leading the response to potential computer-related threats and vulnerabilities. Network-based intrusion detection provides the IPT the ability to identify threats in a more proactive capacity. Staffing dedicated to this effort provides a continuity of effectiveness necessary for the client to respond to more advanced threats and to adapt to network changes initiated by other Systems components. In addition, the correlation of events with data collected from other IPT initiatives will substantiate a more complete analysis of current network stability against threats.

The contractor will be responsible for maintaining signatures on the IDS infrastructure and responding to alerts that the sensors generate. The contractor will also assist in the evaluation process if modifications to the encompassing IDS solution are needed.

Contractors shall monitor Intrusion Detections Systems (IDS) console for active alerts and determine priority of response. Alerts deemed as critical by client's Activity Manager will require contractor to open a ticketing system and report back to the client's management on the traffic causing the alert.

The contractor will perform the following:

  • Review all incoming IDS alerts and document all identified problems
  • Analyze all level of problems and document findings in accordance with the client's procedures, which will be provided at the start of the activity
  • Identify and escalate high-priority problems (problems that may cause harm to the client's systems) to the client's management
  • Assist with intrusion detection strategies as new systems or network design changes are implemented in the client's environment
  • Review new technologies and make recommendations as they pertain to the current IDS deployment
  • Identify possible areas where coverage could be implemented or improved
  • Provide high-level engineering support remotely in HQ as well as the Remote Operations Communications Centers
  • Monitor problem ticket queue within the ticketing system and reassign problem tickets to the responsible components if needed
  • Identify newly discovered vulnerabilities and exploits. Apply new intrusion detection signatures as directed by the client's Activity Manager; creating custom signatures when needed
  • Install updates of new signatures
  • Document newly discovered vulnerabilities and updates in order to show accuracy of and turnaround for detection
  • Provide diagnosis and possible remediation suggestions to higher level technicians who are on-call 24 hours per day.

The contractor will provide continued support in the following areas:

  • Review daily log data gathered from various resources such as sensors alert logs, firewall logs, content filtering logs
  • Identify possible intrusion attempts or other anomalies
  • Filter non-threatening network traffic for enhanced reporting accuracy
  • Manage a problem resolution process from initial reporting to resolution
  • Make determinations of the operational impact of a particular threat has on SSA systems
  • Recommend immediate corrective actions to higher level network engineers
  • Assist with remediation, if requested
  • Respond to new threats; may be required to initiate and assist in drafting remediation strategies
  • Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems.
 
Position Requirements

Education, Experience and Skills

  • 1-2 years of related experience preferred.
  • Must possess superlative command of the English language (written and oral) and the ability to articulate English over the telephone, since all assistance is provided via the telephone and documented in the client's ticketing system.
  • Must possess a working knowledge of the majority of the skills and technologies annotated above, and must be able to learn, with provided training, those skills and technologies in which they lack the requisite experience.

Working Environment & Conditions

This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand; walk; sit; use hands to manipulate, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The work load may require the incumbent to sit for extended periods of time. The incumbent must be able to read, perform simple math calculations and withstand moderate amounts of stress. The incumbent may be required to lift and/or move up to 100 lbs., with or without the assistance of mechanical lifts. Specific vision abilities required for the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at hwood@koniag.com or by calling 703-488-9377 to request accommodations.

 
Travel Requirements None  
Security Clearance Must be able to obtain and maintain HSPD-12 Suitability  
About our Company

Offering innovative and cutting edge IT solutions, Koniag Technology Solutions is uniquely positioned in the federal marketplace. An ANC program combined with the full corporate support of Koniag Inc.'s Government Services Sector, KTS is backed by a full range of industry partners. Innovative technology, highly qualified professionals and proven processes are the hallmarks of KTS. We pride ourselves on delivering exceptional service to our clients and maintaining a supportive environment for team members and partners.

 

Our Equal Opportunity Policy EOE Minorities/Female/Protected Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352  

This position is currently not accepting applications.

To search for an open position, please go to http://KoniagSubsidiaries.appone.com




 


 
Click here for technical assistance.