INFORMATION SECURITY MONITORING & DETECTION LEAD - Direct Staffing : Job Details

INFORMATION SECURITY MONITORING & DETECTION LEAD Full-timeInformation SecurityMountain View, CAEXP 7-10 yrsDEG BachJob Description:Our company has been awarded a five year, $400 million dollar contract to provide comprehensive IT services to NASA Ames Research Center located in Mountain View, CA. We are seeking an experienced Information Security Monitoring & Detection Lead to supervise cyber security staff in NASA's Security Operations Center (SOC). US Citizenship is required as this position will have to obtain a US government security clearance.Responsibilities:Supervise the team that monitors Agency systems for incidents and malicious activity in NASA's 24/7/365 Security Operations Center (SOC).Provide technical guidance and leadership for the analysis of security events and identification of relevant incidents.Develop and maintain the SOC Analyst training and certification program.Update and maintain the SOC Analyst runbook, processes, and procedures.Generate high quality reports.Coordinate with both Tier 1 and Tier 3 teams while providing incident handling and response support for the agency.Contribute to SOC projects, process improvement and development of new capabilities.Requirements (Education, Skills & Abilities):BS degree in relevant field/technology or equivalent years of experience.7+ years of progressive experience with increasing responsibilities within a Security Operations environment.Experience managing staff in a technical operations center environment (NOC, SOC).Experience developing and documenting operational procedures.Experience training operations staff for continuous improvement.Experience generating security metrics and reports.Excellent communication, writing and interpersonal skills.Broad information security knowledge, including familiarity with common attack methodologies, tactics and protocols, Advanced Persistent Threat groups and Hacker activity.Significant experience in network intrusion detection, including experience using common network monitoring tools - IDS, IPS, SIEM and Syslog.Experience with packet capture analysis and common network forensics and analysis tools - Wireshark, Kali, Netcat, TCPDump and NMAP.Experience reviewing and analyzing large amounts of raw log data (firewall, network flows, IDS, system logs).Familiarity with incident management procedures.Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols.Knowledge of common network based services and common client/server applications.Familiarity in a command line environment in all operating systems.Excellent problem solving and analytical skills.Ability to obtain a government clearance (US Citizenship is required).Desired Skills:Experience managing staff in a mission critical security operations center, preferably 24x7.Experience with enterprise level security incident event management tools such as ArcSight, Splunk, or QRadar.Experience analyzing phishing attacks.CISSP, CEH, GIAC, OSCP are desired certifications.All your information will be kept confidential according to EEO guidelines.#J-18808-Ljbffr