SOC Cyber Fusion SME/Lead Jacobs
Arlington, VA

Job Description

"Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting edge cyber threat awareness and cybersecurity solutions; innovative web- and software applications development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.

Our forward thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation's most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.

Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.

We continue to thrive and need your talent and motivation to help propel us farther, faster."

Jacobs is looking for a SOC Cyber Fusion SME/Lead to provide Onsite support in Arlington, VA.

"work up to two days remote support is available"

Duties Include:

* The Cyber Fusion Analyst responsible for Tier III activities for the SOC. Works closely with Threat Intel and Threat Hunting team. Coordinate and proactively drive cyber intelligence analysis and threat hunting activities against the available datasets. Monitor open and restricted sources of information as well as consult with other departments, agencies, and peers. The position also requires cultivating relationships with the aim of gathering intelligence relevant to the environment and its periphery. The Analyst will provide fusion reporting and situational awareness to support the SOC and customers. As a member of a high-tech Security Operations Center, will actively monitor security threats and risks, provide in-depth threat analysis, and evaluate security incidents. The Analyst will utilize the latest in security technology to:
* Serve as a SOC SME and proactively drive hunting and analysis against datasets
* Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
* Use Analytics to identify threats, determine root cause, scope, and severity of each and compile/report findings into a finished analytical product
* Recommend system tuning/customization and data collection improvements to SOC
* Work with and provide guidance to, and train as needed, our Threat Intelligence and Tier 2, Tier 3 Analysts to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis
* Work with the SOC team to improve and expand the toolset
* Assist in incident response
* Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture
* Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certifications.
* Eight (8) years of experience in the development and/or analysis, interpretation, and compliance with federal and agency IT security policies and regulations at progressively increasing levels of responsibility.
* Six (6) years of experience in Information Security. Experience in network monitoring using host-based and network-based intrusion detection systems. Knowledge of computer hardware and operating systems (Windows and UNIX). Knowledge of incident response handling policy and procedures. Knowledge of computer hardware and operating systems. Knowledge of intrusion detection systems and other information security products, regulations, standards, and guidelines.
* Two (2) years of experience integrating, developing or deploying security products in enterprise level technology upgrades. Knowledge of information technology security architectures.
* Demonstrated to advanced operational experience as a Cyber Threat Hunter
* Demonstrated to advanced experience with computer networking and operating systems
* Demonstrated to advanced experience of current threats, vulnerabilities, and attack trends
* Demonstrated to advanced experience working directly with customers to transfer Threat Hunting knowledge
* Familiarity with: Netflow data, DNS logs, Proxy Logs
* Must be able to obtain Public Trust level clearance. (SF-85 and SF-86 submission required)
* Candidates must be willing to work a Mon-Fri, with shifts between 6:00am to 9:00pm in the SOC operational support environment. Once a candidate is selected, shift will be determined based on the business need and current shift opening and may include a requirement to rotate shifts on a periodic basis (e.g. every three months)

Preferred Qualifications

* Desired certifications include, but not limited to: CISSP, FOR578 (Cyber Threat Intelligence), GCIH, GCIA, Security , A , Network , CEH, CISSP, CCNA (Security), or equivalent Certifications
* SOC/CSIRT experience
* Working knowledge of any of the following tools is preferred: Splunk, Carbon Black, PhishMe, Phantom, McAfee EPO, RSA | Security Analytics, ThreatStream, iSight and Wireshark
* Self-motivated and able to work in an independent manner and in team environment
* Excellent oral and written communication skills
* Ability to work under tight deadlines
* Network defense environments and Intelligence Community capabilities
* Excellent analytic abilities and to think creatively when approaching issues
* Strong critical thinking and problem solving skills
* Strong understanding of security monitoring methodologies such as packet capture, patterns, watch lists, black lists, log parsing, correlation, classification, event generation, and filtering
* Leadership and mentoring experience

Essential Functions:

Physical Requirements:

Most work will be done at a desk or computer.

Work Environment:

General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Multiple tasks & duties will need to be accomplished without any single duty falling behind or becoming neglected. Must effectively communicate and be communicated with by other team members. Must be able to represent and speak to current group efforts at any given time.

Equipment & Machines:

General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.

Attendance:

Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.

Other Essential Functions:

Must be able to communicate effectively both verbally and in writing

Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.

Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check. Must be a US citizen.

#cjpost

#LI-LR1