Overview

This position is responsible for supporting vulnerability management, threat management, security awareness, and incident response processes.

Responsibilities

• Investigating daily security alerts.
• Research, extraction, and dissemination of open source intelligence (OSINT) on threat actors targeting the aviation industry.
• Performing threat analysis, threat hunting and advanced analytic activities.
• Submitting observed threat information to information sharing networks including US-CERT and the Aviation ISAC.
• Reviewing security and threat intelligence bulletins from open and other intel sources.
• Importing threat indicators into our monitoring systems.
• Conducting vulnerability scanning and reporting results.
• Maintenance of vulnerability scanning tools.
• Conducting simulated phishing campaigns.
• Documentation of methods and procedures.
• Perform penetration testing on applications, infrastructure and recommend action plans.
• Review patch releases from vendors including Microsoft and assess risk and recommended actions to patch bulletins. Work with operations groups to orchestrate patch deployments.
• Monitor security alerts from LogRhythm SIEM across a 3500 user WAN for potential intrusions and security policy breaches.
• Assist with the development, implementation, and tuning of monitoring SIEM use cases as needed upon emergence of new applications, vulnerabilities, threats, and policies.
• Develop signatures and alert rules for detecting and blocking threats.
• Support the incident response process by providing advanced analysis services when requested including recommendation of containment and remediation processes, independent analysis of security events, and reporting of identified incidents.
• Maintain incident response documentation.
• Provide guidance and education to other groups within the Information Technology function, including Infrastructure Architecture, Application Development, Network Operations, System Operations, and Help Desk.
• Provide off-hour support as required.

Qualifications

• B.S. Degree in Computer Science or related field and/or 3 to 5 years related experience.
• A minimum of 3 years of experience working with IT security monitoring and vulnerability management.
• Experience preparing and/or presenting reports and briefings is required.
• Must be able to obtain and maintain a US Government security clearance.
• Understanding of common vulnerabilities and exploits is required.
• Knowledge of the cyber threat landscape including types of adversaries and the motivations that drive them is required.
• Experience analyzing security events and differentiating between incidents and non-incidents is required.
• Experience in configuring and operating vulnerability scanning tools such as Nessus, Tenable, Burp Suite etc. is required.
• Proficiency in both Windows and Linux is required.
• Penetration testing experience strongly desired.
• Experience in SIEM technologies such as ArcSight, LogRhythm is desired.
• Experience with threat hunting and cyber intelligence is desired.
• Experience with malware analysis and reversing is desired.
• Strong understanding of the TCP/IP protocol suite, OSI model, and network services such as DHCP and DNS; layer 2 and 3 networking technology and protocols is desired.
• Excellent oral and written communication skills.
• Must be self-motivated and able to work both independently and as part of a team.
• CISSP or GIAC (GSEC, GCIA, GCFA, GCIH, GREM, GPEN) or similar certification strongly desired.

The Company is an Equal Opportunity Employer. It is our policy to afford equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, citizenship, place of birth, age, disability, protected veteran status, gender identity or any other characteristic or status protected by applicable in accordance with federal, state and local laws.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law document at http://www1.eeoc.gov/employers/poster.cfm.

To view our Pay Transparency Statement, please click here: Pay Transparency Statement