Data Security Analyst – Intermediate

Agile Defense•Fort Huachuca, AZ

About The Position

At Agile Defense we know that action defines the outcome and new challenges require new solutions. Thatâs why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next. Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agilityâleveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nationâs vital interests. We are seeking a highly motivated and experienced Sensor and SIEM administrator to join our Defensive Cyber Infrastructure team. The ideal candidate will be instrumental in protecting our organization by proactively operating and maintaining IDPS appliances and SIEM technologies as well as identifying, analyzing, and assessing alerts generated by IDPS and SIEM technologies and providing vulnerability management of Defensive and SIEM architecture. This role requires a background in cyber security, IT Infrastructure support, and a preference for experience within a military or Department of Defense (DoD) operational environment. Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together. What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are. We also believe in supporting our employees by offering a competitive and comprehensive benefits package. To explore the benefits we offer, please visit our website under the Careers section.

Requirements

Experience: Minimum of 6+ years of experience in a dedicated Network administration or Server administration role
Core Knowledge: Strong understanding of IDPS technologies, SIEM technologies and security best practices.
Tool Experience: Hands-on experience with security platforms and tools, including Trellix IPS appliances, Tipping point appliances, Suricata or Palo alto next gen firewalls.
Skills: Strong analytical and problem-solving abilities, with a capacity for critical and "outside-the-box" thinking.
Communication: Excellent communication (written and verbal) and collaboration skills, with the ability to work effectively within diverse and cross-functional teams.
Environment: Proven ability to work in a fast-paced security operations environment, effectively managing multiple priorities and deadlines.
Clearance: Must be able to obtain/maintain a Secret T5. clearance.
Candidates must possess one of the following valid certifications prior to start date: Security+ CE or higher, Certified Ethical Hacker (CEH) or CySA+.

Nice To Haves

Military/DoD Experience: Familiarity with U.S. Army policies, procedures, and organizational processes.
Cyber Security Controls: Experience implementing and adhering to cyber security controls, policies, and procedures in a military setting.
Network Analysis: Experience with analyzing network activities, responding to security anomalies, and accurate event reporting. Familiarity with network protocols and architectures.
Endpoint Security: Experience reviewing and analyzing endpoint security events/logs.
Tool Familiarity: Experience in some or all of the following specialized tools: o STIG Viewer o Elastic Kibana o Service Now (Security Operations) o TippingPoint o Trellix products o Palo Alto Firewalls o Wireshark
Operational Environment: Familiarization working in a JMN/JRSS environment.

Responsibilities

IDPS Installation and Maintenance: Working directly with customers to configure and install IPS and IDS sensors as well as maintaining sensor platforms with weekly maintenance and updates.
IDPS Troubleshooting: Monitoring Intrusion Prevention Systems (IPS) and intrusion detection systems (IDS) for alerts and alarms and following Troubleshooting TTPâs and SOPâs for resolution and escalation with vendor.
Generate IDPS Reports and products: Provide customers with weekly sensor reports and produce products based on sensor statistics.
SIEM Configuration: Working with the customers to integrate various log types into the CSSP SIEM and monitoring data feed health.
Cross-Functional Collaboration: Collaborate effectively with internal teams, including Incident Response, Content and Development, and other security operations teams for ongoing security efforts and response strategies.
STIG and Compliance support: Conduct weekly STIG checks on team-maintained appliances and servers, provide patch management as well as updating compliance repositories.
Risk Management: Conduct comprehensive risk assessments to identify potential threats and vulnerabilities within the Defensive Cyber infrastructure division. Develop and implement strategies to effectively mitigate and remediate identified risks.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume