Job Description

　　Insight Global is seeking a TS/SCI Emerging Threats Analyst to analyze current and historical traffic entering the Air Force network using ArcSight (SIEM technology), Centaur, Noesis, Splunk, ELK, Fidelis, Solera, Niksun, Wireshark and other available tools (commercial and government provided), including OSINT and other classified reporting databases, Determine if the network traffic requires further investigation of the Air Force asset(s) in question and correlate various data points using historical network traffic, operational events, reporting patterns, and other data to discern anomalies, patterns, or trends.

　　Other Responsibilities Include:

　　* Perform post intrusion correlation to ensure current incidents are contained and have not spread to other Air Force Bases, networks or enclaves.

　　* Review all IDS/IPS alerts per DoD Customer Operating Instruction (OI) and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for the DoD Network-SOC mission.

　　* Comply with 3rd party MOU/MOA monitoring and reporting requirements. Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.

　　* Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation. Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP).

　　* Record who, what, where, why and when for any identified suspicious activity in case management system (CMS) case to enable additional investigations

　　* Conduct 24x7x365 near realtime network security monitoring and intrusion detection analysis for the networks, systems monitored using DoD Customer's selected IDS/IPS capabilities with no more than a 1% error rate.

　　Skills and Requirements

　　* TS/SCI Clearance

　　* IAT Level III Certification

　　* GCFA (GIAC Certified Forensic Analyst) null

　　We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].