OUR BENEFITS

We provide competitive benefits including heath, dental, long and short term disability, 401(k) plan, and direct deposit as part of your total compensation package.

CURRENT OPENINGS

Are you ready to be challenged and recognized for your achievements? Apply below if you are an ethical, forward-looking person focused on customer satisfaction and delivering on-time solutions.

EQUAL OPPORTUNITY EMPLOYER

SBD is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at SBD will be based on merit, qualifications, and abilities. SBD does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").



Pre-CSIRT Analyst

Location: Stennis Space Center, MS, United States
Date Posted: 06-11-2019
SBD is seeking a Pre-CSIRT Analyst to join our team in support of our DHS customer in Stennis Space Center, MS. 

Responsibilities of Pre-CSIRT include:
  • Monitoring and incident recording, categorization, prioritization, and reporting of security incidents. 
  • Providing coverage to ensure a proactive approach to defending against email attacks and a reactive approach when responding to successful attacks. 
  • Event categorization shall consist of analysis of the incoming data flow from security devices and searching data for indications of anomalous events. 
  • Track all security incidents via SwimLane, ServiceNow and the DHS portal. Incident recording shall include, but not be limited to the following data:
    • Source/Destination IP address
    • Protocol/Port number
    • Date & Time with time zone
    • Event Name
    • Event Priority/Level
    • Payload or Dataflow
    • Session Duration
    • Remediation Action Implemented
    • Root Cause Analysis
  • Develop and maintain formal, documented SOC SOPs that are delivered for review and approval when developed or modified.
  • Investigate and positively identify anomalous events that are detected by security devices or reported to the SOC from external entities, other DHS Components, system administrators, and the user community via security monitoring platform and tools, incoming phone calls, emails, workflow ticketing, and assignment tools.
  • Analyze suspicious web or email files for malicious code discovered through SPAM email monitoring and any other available sources.
  • Determine indicators, including command and control channels, for malicious code.
  • Provide recommendations specific to tactical Internet filtering or other measures to mitigate cyber threats.
  • Create the following reports which will be submitted to DHS daily (Monday – Friday) and per event or incident basis:
    • Security Summary report of open and closed incidents
    • Incident Resolution Emails for all Event and Incidents (Per Case)
  • Monitor all SOC mailboxes (not individual user mailbox contents) to detect phishing attacks as well as any suspicious outbound message originating from DHS accounts.
  • Participate in a daily conference call providing updates to DHS and Component SOCs regarding phishing attacks and other critical issues related to email security.


Requirements:
  • US Citizenship is required.
  • Must have an active DoD Top Secret Clearance or be able to obtain one.
  • Must be able to obtain a DHS-specific Entrance on Duty (EOD) clearance.
  • At least one of the certifications listed:  A+, Network +, Security + or CISSP.
Solutions By Design II, LLC (SBD) is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at SBD will be based on merit, qualifications, and abilities. SBD does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, IWDs, Veteran Status or any other characteristic protected by law (referred to as "protected status").
this job portal is powered by CATS