Website Authenta Tech Solutions
Powered by Innovation. Driven by Security. Designed for Tomorrow.
Authenta Tech Solutions – a Cybersecurity and IT-based consulting firm that specializes in providing security solutions to federal, state, local, and commercial customers nationwide – is hiring a full-time CSIRT Analyst.
Authenta Tech Solutions is a certified woman-owned, small business that provides full-scope cyber security solutions customized to your organization. With a team of highly trained IT professionals, we hold major industry standard certifications and designations to match our many years of experience. Providing top-quality service is important to us and we prioritize you always. We are on the frontier of using cybersecurity technologies to secure mission platforms and with your organization’s information security and compliance in mind, we utilize our customized processes to align your business operations and governance processes. Our goal is to ensure that your organization’s information system is secure, is compliant with regulatory standards and stays compliant.
Seeking a CSIRT Analyst to join our team supporting our federal customer. CSIRT is the primary entity of the SOC and the heart of Incident Response Operations. They are responsible for monitoring, incident recording, and reporting of cyber security events or incidents. The goal of CSIRT is to minimize and control the damage resulting from cybersecurity events or incidents, provide effective guidance for response, coordinate recovery activities, and work to prevent future incidents from occurring. Additionally, they provide coverage to ensure a proactive approach to defending against email attacks and a reactive approach when responding to successful attacks.
- Provide 24x7x365 on site coverage monitoring and incident recording of security alerts and security event information received from all of our customer’s security feeds, tools and designated system logs in near real time;
- Track all security incidents via Swimlane, ServiceNow and DHS ECOP;
- Provide remedial recommendations and produce consistent comprehensive reports on findings. Activities include:
- Traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns affecting our customer’s networks
- Analysis and recommendation of hardware and/or software tools that will assist in traffic analysis
- Implementation, training, and SOP development and maintenance of implemented solutions
- In-depth Web log analysis to determine trend, patterns, and suspicious activity
- Pattern analysis, trend analysis, behavior analysis, and other specialized analysis
- Reporting results of all analyses to the SOC GWO and PM
- Coordinate and advise on incident response actions taken by Incident Response Handlers for incidents affecting their areas
- Develop and maintain formal, documented SOPs that are delivered for the SOC GWO’s review and approval when developed or modified. SOPs provide the operational basis for the customer’s SOC Concept of Operations (CONOPS)
- Investigate and identify anomalous events that are detected by security devices or reported to the SOC from external entities, other DHS Components, system administrators, and the user community via Security Orchestration and Automation Response (SOAR) platform security tools, incoming phone calls, emails, and SNOW/ECOP tickets
- Analyze suspicious web or email files for malicious code discovered through SPAM email monitoring and any other available sources
- Determine indicators, including command and control channels, of malicious code
- Collaborate with the Malware Analysis team to dissect Targeted Spear Phishing attacks from general mass email attacks
- Familiarity with the following tools desired:
- McAfee EPO
Education/Years of Experience:
- Bachelor’s Degree and a minimum of 1 year of applicable experience is required. 4 years of additional applicable experience may substitute for a degree.
- Must have at least one active certification to include: Security+CE, ISC2 CISSP or other comparable certification approved by the customer
- Must be a US Citizen able to obtain an Agency-specific clearance prior to starting
- Must also be able to obtain a DoD Top Secret Clearance (this can be done while working on the program)
AUTHENTA TECH SOLUTIONS COMPANY BENEFITS
- Health insurance.
- Dental insurance.
- 11 days of personal leave plus paid federal holidays.
- Professional development and training assistance.
Authenta Tech Solutions, LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.