CASY-MSCCN Jobs

Description

ISMA Sr Cyber Security Engineer

The Internal Security Monitoring & Alerting (ISMA) team brings internal visibility and oversight as an Internal Security Operations Center (ISOC). The team utilizes various computer programs and specialized technological processes to conduct continuous security monitoring and improve the organization’s security posture while preventing, detecting, and responding to cybersecurity threats.

KEY RESPONSIBILITIES

· Perform security assessments, respond to alerts, conduct investigations, and utilize ISMA tools daily.

· Complete Core Countable Metrics and input metrics by a daily deadline.

· Accountable for work tasks, projects, requested tasks, required trainings, and meetings.

· Check and respond to email and/or communicate with clients within a timely manner.

· Attend and participate in audit and assessment requirements

• This encompasses legal requirements or laws, regulations, policies, procedures such as but not limited to Executive Orders, NIST, VA policies and procedures, etc. and providing evidence artifacts and presenting information on compliance.

· Review and stay up to date on Cybersecurity Executive Orders, NIST, policies and procedures, and ISMA policies, SOPs, and playbooks.

· The ISMA Team may receive new tools which will require us to learn, assist with setup/configuration, etc.

· Examine daily Security Information and Event Management (SIEM) system reports (i.e. FTP/Telnet reports, etc.) and update master report.

· Analyze Cybersecurity Operations Center (CSOC) bulletins, Zero-Day Bulletins, and CSOC SAR reports and follow up on actionable items.

· Complete Privacy and Security Event Tracking System / Cybersecurity Evaluation Tool (PSET / CSET) ticket investigations if applicable.

· Examine daily Security Information and Event Management (SIEM) system reports (i.e. FTP/Telnet reports, etc.) and update master report.

· Utilize Network Detection and Response (NDR) tool to monitor, analyze, respond to alerts, and investigate and resolve alerts daily.

· Conduct security monitoring, investigate, and respond to Endpoint Detection and Response (EDR) alerts received via email daily.

· Bi-Monthly manual review of Web Applications, Server Logs, and Security Logs on a rotating basis for external service line applications.

· Conduct desktop scan analysis and reports

KEY SKILLS

· Relevant Cyber Security certifications such as CompTIA Security+, CYSA+, CISM, CASP+CE, CEH, etc.

· Experience in providing information for audits and assessments

· Experience in Cyber Security investigation and Digital computer forensics

· Experience in designing and implementing systems that meet agency Cyber Security policy and regulations

· Extensive experience in Cyber Security tools, network topologies, intrusion detection, PKI, and secured networks

· Willingness to learn new things, work on new certifications, and continuous learning

· Foster an innovative and inclusive team-oriented work environment

· Strong verbal and written communication skills

· Comfortable working under pressure and handling multiple tasks simultaneously

· Experience working in a fast-paced environment with ability to adapt to changes

Qualifications

REQUIRED QUALIFICATIONS

• · Bachelor’s Degree in computer science, electronics engineering or other engineering, or other technical discipline; Master’s Degree preferred

• Bachelors and 5 years experience or a Masters Degree and 3 years experience.

• 10+ years of relevant experience

• Additional 10+ years of relevant experience may be substituted for education

• The ability to obtain and maintain a Public Trust Clearance based on the Department of Veterans Affairs guidelines.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site. REQNUMBER: 2405566-US-United_States