Information Security Monitoring & Detection Lead

INFORMATION SECURITY MONITORING & DETECTION LEAD

Our company has been awarded a five-year, $400 million dollar contract to provide comprehensive IT services to NASA Ames Research Center located in Mountain View, CA.

We are seeking an experienced Information Security Monitoring & Detection Lead to supervise cyber security staff in NASA’s Security Operations Center (SOC). Join our growing team in supporting NASA's SOC at Ames Research Center in Mountain View, CA. US Citizenship is required as this position will have to obtain a US government security clearance.

• Supervise the team that monitors Agency systems for incidents and malicious activity in NASA’s 24/7/365 Security Operations Center (SOC)
• Provide technical guidance and leadership for the analysis of security events and identification of relevant incidents
• Develop and maintain the SOC Analyst training and certification program
• Update and maintain the SOC Analyst runbook, processes, and procedures
• Generate high-quality reports
• Coordinate with both Tier 1 and Tier 3 teams while providing incident handling and response support for the agency
• Contribute to SOC projects, process improvement, and development of new capabilities

• BS degree in relevant field/technology or equivalent years of experience
• 7+ years of progressive experience with increasing responsibilities within a Security Operations environment
• Experience managing staff in a technical operations center environment (NOC, SOC)
• Experience developing and documenting operational procedures
• Experience training operations staff for continuous improvement
• Experience generating security metrics and reports
• Excellent communication, writing, and interpersonal skills
• Broad information security knowledge, including familiarity with common attack methodologies, tactics, and protocols, Advance Persistent Threat groups, and Hacker activity
• Significant experience in network intrusion detection, including experience using common network monitoring tools - IDS, IPS, SIEM, and Syslog
• Experience with packet capture analysis and common network forensics and analysis tools - Wireshark, Kali, Netcat, TCPDump, and NMAP
• Experience reviewing and analyzing large amounts of raw log data (firewall, network flows, IDS, system logs)
• Familiarity with incident management procedures
• Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols
• Knowledge of common network-based services and common client/server applications
• Familiarity in a command line environment in all operating systems
• Excellent problem-solving and analytical skills
• Ability to obtain a government clearance (US Citizenship is required)

• Experience managing staff in a mission-critical security operations center, preferably 24x7
• Experience with enterprise-level security incident event management tools such as Arc Sight, Splunk, or QRadar
• Experience analyzing phishing attacks
• CISSP, CEH, GIAC, OSCP are desired certifications

All your information will be kept confidential according to EEO guidelines.