Location: all cities,TX, USA
Insight Global is seeking a TS/SCI Cyber Defense Operator to support and defend a one of the largest DoD Networks. This is a 24/7/365 mission and will work on base and will sit within a Sensitive Compartmented Information Facility (SCIF). Daily TS/SCI Cyber Defense Operator will:
* Review all IDS/IPS alerts per DoD Customer Operating Instruction (OI) and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for the DoD Network-SOC mission.
* Comply with 3rd party MOU/MOA monitoring and reporting requirements. Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.
* Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation. Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP).
* Record who, what, where, why and when for any identified suspicious activity in case management system (CMS) case to enable additional investigations
* Conduct 24x7x365 near real‐time network security monitoring and intrusion detection analysis for the networks, systems monitored using DoD Customer's selected IDS/IPS capabilities with no more than a 1% error rate.
REQUIRED SKILLS AND EXPERIENCE
* TS/SCI Clearance
* GCFA Certification (GIAC Certified Forensic Analyst)
* Ability to work a 24/7/365 support mission
* 1-4 years of experience working with DoD customers in Cyber Intrusion or Cyber Defense Operations/Analysis