Network Security Specialist

Information Technology Fairfax, Virginia Job ID: 2017-154


STG, Inc. has an immediate opportunity as a Network Security Specialist located in Fairfax Virginia. This position will support Department of Homeland Security, which provides cutting edge Cyber, Information Assurance and Security Services.

The selected applicant will become part of the United States Computer Emergency Readiness Team (US-CERT), responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. US-CERT provides advanced network and digital media analysis expertise and defends against malicious activity targeting networks within the United States and abroad.

Position Description:

Technical analysis of network activity; the analyst monitors and evaluates network flow data, signature-based IDS events and full packet capture (PCAP) data. Triage IDS alerts; collect related data from various network analysis systems, review available open and closed source information on related threats & vulnerabilities, prepare initial summary reports. Monitor and analyze signature-based IDS alerts and associated packet (PCAP) data. Analyze network flow data for anomalies and to correlate reporting with enterprise-wide network activity. Lightweight programming/scripting skills to automate analytics are a plus. Document key event details and analytic findings in an incident management system.

Perform high-level incident handling functions to include: Provide oversight and assessment of incident response and triage actions across a large enterprise, Identify & extract network indicators from incident reporting and published technical advisories/bulletins, Perform incident correlation & escalation.

  • Recommend new IDS signatures and detection strategies.
  • Produce final reports and review incident reports from junior analysts.
  • Communicate and collaborate with analysts from other SOC organizations to investigate cyber events.
  • Assess cyber indicators/observables and collaborate in the development of IDS signatures and detection mechanisms.
  • Monitor and report on trends and activity on network sensor platforms.
  • Provide technical assessments of cyber threats and vulnerabilities.
  • Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise.
  • Produce and update network analysis and incident handling documentation.

Basic Qualifications: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below.  This requisition may be filled at a higher grade based on qualifications listed below.   

  • Bachelor’s Degree in Computer Science or a related technical field
    • 2 years related technical experience required for the level 2 role
    • 5 years related technical experience required for the level 3 role
    • 9 years related technical experience required for the level 4 role
    • 15 years related technical experience required for the level 5 role
  • Active Top Secret Security Clearance with SCI eligibility is required.  In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
  • Moderate/expert knowledge of security concepts, protocols, processes, architectures and tools (authentication & access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc).
  • Moderate/expert knowledge of networking concepts, protocols and architectures (OSI-model, TCP/IP, major application protocols such as DNS/HTTP/SMTP, LAN/WANs, VPNs, routers/routing, addressing, etc).
  • Ability to produce results in a fast-paced environment with the ability to meet iterative deadlines.
  • CISSP, GSE, GCIA, GCIH or other related professional certifications

Preferred Qualifications: Candidates with these preferred skills will be given preferential consideration: 

  • Current DHS Suitability at the SCI level.
  • Experience working within the Federal government technology community a plus
  • Knowledge of cyber policy & issues, the global cyber community, roles of major organizations how they interrelate and interact, and shortcomings in this structure.
  • Familiarity of the common cyber products and services, an understanding of their limitations, and a comprehensive understanding of the disciplines of cybersecurity. 

The employment policy of STG, Inc. is to provide equal employment opportunity for all qualified employees and applicants without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status and to ensure affirmative action is taken in fulfillment of this policy.