Overview
Remote
On Site
USD 80,001.00 - 120,000.00 per year
Full Time
Skills
Security clearance
Operations
Security operations
ROOT
Recovery
Mentorship
System on a chip
Workflow
Dashboard
Reporting
SIEM
IT service management
Issue tracking
Management
Ad hoc reporting
Data
Information systems
Computer science
Communication
Incident management
Microsoft Office
Microsoft Outlook
Microsoft PowerPoint
PASS
Criminal justice
ITIL
Unix
Linux
Microsoft Windows administration
Microsoft
Analytics
EnCase
Digital forensics
Endpoint protection
SANS
Cyber security
Threat analysis
Cloud security
Amazon Web Services
Microsoft Azure
Google Cloud Platform
Google Cloud
OCI
Teamwork
Collaboration
Expect
Training
Acquisition
Leadership
SAP BASIS
Policies
Information Technology
Systems engineering
FOCUS
Job Details
Job ID: 2413365-FLEXWORK-NC
Location: REMOTE WORK, NC, US
Date Posted: 2024-10-17
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
Description
SAIC is seeking a Senior Cybersecurity Specialist to join our team providing Cybersecurity services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7x365 security operations (SecOps) team. This analyst will have two primary categories of responsibilities: being a technical leader in the incident response and command function and assisting with SIEM administration and engineering. During your tenure, you will learn the technical aspects of running and maintaining a SIEM, such as getting data in, authoring and tuning correlation rules, developing dashboards and reports, ensuring endpoints that are expected to send their logs are actually doing so, and other similar activities. Your primary responsibility will be incident response including how to prepare, detect, respond/contain, mitigate/eradicate, report on, recover from, remediate, and learn from cybersecurity events and incidents in the enterprise. This includes authoring, modifying, and maintaining our internal SOC playbook and associated procedures, as well as have rotating on-call responsibilities.
Primary job responsibilities include:
Driving progress on incident ticket resolution, including, but not limited to:
o Identifying root cause of issue
o Contain ongoing threats
o Directing partner technical service providers in tasks which restore affected systems to their secure baseline
o Coach, guide, and mentor more junior SOC analysts
Cyber Threat Intelligence (CTI) collection, analysis, production, and dissemination, including, but not limited to:
o High Profile Threats and Vulnerability reporting via email and via ticketing workflow
o Industry news relevant to cybersecurity and customer operating environments
o Enrichment of intelligence data with actions taken, recommendations, and other relevant information
Assist SIEM engineering with project-based and routine activities associated with:
o Getting data into the SIEM,
o Developing dashboards and reports
o Authoring new and/or tuning existing correlation rules
o Maintaining oversight of endpoint logging
Provide analysis and reporting of security events and investigations
Coordinate and collaborate with peer technical teams in a multi-vendor environment
Perform Advanced Threat Hunting using automated scanning tools and manually by performing Hypothesis Based Threat Hunting activities; configure SIEM to automate threat hunting activities where possible
Perform Digital Forensic acquisition of data and associated investigation & analysis
Log security incidents and associated work notes in the ITSM ticketing system
Manage security incidents throughout their lifecycle to resolution
Provide support for routine and ad-hoc reporting
Support ad-hoc data call and investigation requests
Qualifications
Required:
Bachelor's degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, or other relevant business or IT field), plus relevant experience.
Excellent and demonstrated oral and written communication skills, including confident and concise oral communications used in leading Security Incident Response Team (SIRT) calls.
Familiarity with syslog-based logging server-side configurations.
Experience with Microsoft Office including Outlook, Word, and PowerPoint.
Obtain the Cybersecurity First Responder certification within 180 days of first day of employment.
==== and able to pass an annual criminal justice background check.
Preferred:
Experience with ITIL, ITIL Foundation or higher certification.
Unix/Linux and/or Windows System Administration.
Familiarity with syslog-based logging client-side configurations.
Demonstrated experience with Microsoft Sentinel, Log Analytics, and other similar and supporting technologies; Current Microsoft Azure and/or security-related certification holders will be given strong preference.
Demonstrated experience with EnCase Digital Forensics/Investigator and Endpoint Security solutions; Current EnCE certification holders will be given strong preference.
ISC 2 , SANS/GIAC, and other industry-recognized cybersecurity certification(s) will be given preference.
Experience and familiarity with Cyber Threat Intelligence (CTI) programs, including indicators of attack, compromise, etc., and associated actions taken to detect and block relevant indicators.
Experience with cloud security concepts within AWS, Azure, Google Cloud Platform, and/or OCI environments.
What we will provide:
On the job training of the customer operating environment and service provider tools.
A strong teamwork-based environment that enables close collaboration and support of each other.
A flexible approach to work schedule.
What we expect from you:
Passion, personality, and persistence - you will provide the drive to learn and grow, while we provide the technical knowledge, and enable reimbursement of costs associated with passing exam fees, course study materials, and other costs based on leadership approval prior to the cost being incurred.
You must be able to provide on-call coverage on both a planned rotation and ad-hoc when issues arise, particularly after training is complete.
Continual learning - you must be willing to continue to learn and grow through acquisition and application of additional coursework toward a new degree program and/or certifications. SAIC will provide reimbursement for a portion of, or the entirety of the costs associated with these approved on a case-by-case basis, based on leadership approval prior to the cost being incurred.
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Location: REMOTE WORK, NC, US
Date Posted: 2024-10-17
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
Description
SAIC is seeking a Senior Cybersecurity Specialist to join our team providing Cybersecurity services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7x365 security operations (SecOps) team. This analyst will have two primary categories of responsibilities: being a technical leader in the incident response and command function and assisting with SIEM administration and engineering. During your tenure, you will learn the technical aspects of running and maintaining a SIEM, such as getting data in, authoring and tuning correlation rules, developing dashboards and reports, ensuring endpoints that are expected to send their logs are actually doing so, and other similar activities. Your primary responsibility will be incident response including how to prepare, detect, respond/contain, mitigate/eradicate, report on, recover from, remediate, and learn from cybersecurity events and incidents in the enterprise. This includes authoring, modifying, and maintaining our internal SOC playbook and associated procedures, as well as have rotating on-call responsibilities.
Primary job responsibilities include:
Driving progress on incident ticket resolution, including, but not limited to:
o Identifying root cause of issue
o Contain ongoing threats
o Directing partner technical service providers in tasks which restore affected systems to their secure baseline
o Coach, guide, and mentor more junior SOC analysts
Cyber Threat Intelligence (CTI) collection, analysis, production, and dissemination, including, but not limited to:
o High Profile Threats and Vulnerability reporting via email and via ticketing workflow
o Industry news relevant to cybersecurity and customer operating environments
o Enrichment of intelligence data with actions taken, recommendations, and other relevant information
Assist SIEM engineering with project-based and routine activities associated with:
o Getting data into the SIEM,
o Developing dashboards and reports
o Authoring new and/or tuning existing correlation rules
o Maintaining oversight of endpoint logging
Provide analysis and reporting of security events and investigations
Coordinate and collaborate with peer technical teams in a multi-vendor environment
Perform Advanced Threat Hunting using automated scanning tools and manually by performing Hypothesis Based Threat Hunting activities; configure SIEM to automate threat hunting activities where possible
Perform Digital Forensic acquisition of data and associated investigation & analysis
Log security incidents and associated work notes in the ITSM ticketing system
Manage security incidents throughout their lifecycle to resolution
Provide support for routine and ad-hoc reporting
Support ad-hoc data call and investigation requests
Qualifications
Required:
Bachelor's degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, or other relevant business or IT field), plus relevant experience.
Excellent and demonstrated oral and written communication skills, including confident and concise oral communications used in leading Security Incident Response Team (SIRT) calls.
Familiarity with syslog-based logging server-side configurations.
Experience with Microsoft Office including Outlook, Word, and PowerPoint.
Obtain the Cybersecurity First Responder certification within 180 days of first day of employment.
==== and able to pass an annual criminal justice background check.
Preferred:
Experience with ITIL, ITIL Foundation or higher certification.
Unix/Linux and/or Windows System Administration.
Familiarity with syslog-based logging client-side configurations.
Demonstrated experience with Microsoft Sentinel, Log Analytics, and other similar and supporting technologies; Current Microsoft Azure and/or security-related certification holders will be given strong preference.
Demonstrated experience with EnCase Digital Forensics/Investigator and Endpoint Security solutions; Current EnCE certification holders will be given strong preference.
ISC 2 , SANS/GIAC, and other industry-recognized cybersecurity certification(s) will be given preference.
Experience and familiarity with Cyber Threat Intelligence (CTI) programs, including indicators of attack, compromise, etc., and associated actions taken to detect and block relevant indicators.
Experience with cloud security concepts within AWS, Azure, Google Cloud Platform, and/or OCI environments.
What we will provide:
On the job training of the customer operating environment and service provider tools.
A strong teamwork-based environment that enables close collaboration and support of each other.
A flexible approach to work schedule.
What we expect from you:
Passion, personality, and persistence - you will provide the drive to learn and grow, while we provide the technical knowledge, and enable reimbursement of costs associated with passing exam fees, course study materials, and other costs based on leadership approval prior to the cost being incurred.
You must be able to provide on-call coverage on both a planned rotation and ad-hoc when issues arise, particularly after training is complete.
Continual learning - you must be willing to continue to learn and grow through acquisition and application of additional coursework toward a new degree program and/or certifications. SAIC will provide reimbursement for a portion of, or the entirety of the costs associated with these approved on a case-by-case basis, based on leadership approval prior to the cost being incurred.
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.