Intrusion Detection Team Lead - 3rd shift

GovCIO is currently hiring for a 3rd shift (11pm - 7:30am EST) Master Level Cyber Defense Analyst/Intrusion Detection Team Shift Lead onsite in Washington, DC.

• Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client
• Provides timely and actionable sanitized intelligence to cyber incident response professionals
• Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture
• Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks
• Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership

• Bachelor's and 8 years of intrusion detection experience

• Minimum Relevant Experience - The requirement states: 7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; to include wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs. Working experience of Splunk SIEM. Contractor will have at least two years as a cyber security or security operations shift team leader. At least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas of; creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, and working in a SIEM environment.

• Required Certification - The requirement states: Must possess at least one (1) of the following certifications: GIAC Certified Intrusion Analyst (GCIA), EC-Council's Certified Security Analyst (ECSA), GIAC Certified Perimeter Protection Analyst (GPPA), GIAC Certified Enterprise Defender (GCED), Systems Security Certified Practitioner (SSCP), or a Certified Information Systems Security Professional (CISSP). Splunk Fundamentals I & II certification.