XOR Security is currently seeking a talented senior level Security Analyst to support the Federal Communications Commission NSOC. The NSOC program provides comprehensive Computer Network Defense and Response support through monitoring and analysis of potential threat activity targeting the FCC enterprise. To support this vital mission, XOR staff are on the forefront of providing:
- Enterprise IT Cyber Security Support to include Vulnerability Scanning and Management;
- Enterprise System Monitoring, Analyzing, Detecting, and Defending Support Services;
- Security Incident Response and Reporting Services Support;
- Security Environment Research and Development Support Services;
- Penetration Testing, Phishing Attack, and Cyber Security Training Services.
To ensure the integrity, security and resiliency of the FCC's critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communication skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be familiar with intrusion detection systems, intrusion analysis, security information and event management (SIEM) platforms, and cyber ticketing management.
The hours for this position are Mon-Fri, 9am-5pm.
Position is contingent on successfully completing an FCC BI.
- Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering
- Minimum 5+ years of experience in network defense environments
- Strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (Attribution, Targeting) and Malware Analysis
- Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts
- Strong logical/critical thinking abilities, especially analyzing network traffic and IDS events for malicious intent.
- Strong proficiency in report writing – a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting
- Ability to work greater than 40 hours per week as needed (occasional night and weekend work required)
- Ability to work on-call for escalated cyber security incidents
- Leads response and analysis efforts on significant security incidents
- Acts as an escalation point for mid-level analysts as required for monitoring, response, and vulnerability assessment analysis or vulnerability assessment policy creation
- Conducts cyber hunt activities by analyzing threat intelligence and creating content for the SIEM and other monitoring devices
- Analyzes complex log sources for patterns of behavior indicating compromise or attack (DNS, AD, web logs, and netflow from perimeter and internal networking devices) and creates content for the SIEM and other monitoring devices.
- Creates monitoring content or modifies vendor content within the SIEM and other monitoring devices
- Acts as escalation point for complex malware analysis on malware identified during the course of monitoring and incident response
- Supports Security Training and awareness content, Penetration Testing and Phishing exercises
- Certifications: CEH/GIAC, Security+
- Subject Matter Expertise with Advanced Persistent Threats or Emerging Threats
- Expertise in policies, industry trends, and techniques related to penetration testing
- Ability to read and interpret PCAP data
- Active Secret/Top Secret or DHS Agency Clearance
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship/Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements – US CITIZENSHIP REQUIRED.