CTL Resources has a number of open positions available immediately to support an exciting program just getting off the ground. This meaningful work will support the mission of the Naval Air Warfare Center, Weapons Division and their complex network of computing and communications systems and software supporting a scientific user community that relies on available and stable access to timely information.
The Enterprise Security Operations Center (SOC) analyst is responsible for successfully performing the daily monitoring, investigation, and incident response activities of the Enterprise SOC. The SOC Analyst will generally review alert messages/events coming from external sources such as upstream computer network defense service providers and internal alerting systems or other teams within the organization, triage alerts, conduct investigations, support incident response processes, manage the alert/investigation, and develop and report out findings.
- Perform real-time monitoring of internal and information technology security equipment (IDS, IPS, HID, firewalls, SYSLOG) and systems to determine operational status and performance, making use of various Security Incident and Event Management (SIEM) systems and other related security management/console applications, such as network traffic and data analytics
- Analyze both raw and processed security alert and event data to identify potential security incidents, threats, mitigations, and vulnerabilities
- Support follow-on actions, such as coordinating with other organization teams to facilitate remediation of the alert/event/incident, and close out the investigation.
- Perform initial alert/event/incident triage used for investigation
- Initiate incident notification, case tracking/management, recovery actions, and report status updates
- Coordinate process and procedure actions with geographically separated team members
- Working knowledge of well-known networking protocols, services and operating systems, to include but not limited to: TCP/IP, LDAP, RADIUS, IPsec, HTTP, HTTPS, SSL, SSH, SFTP, SMTP, PPTP, PPP, SMB, SNMP, RIP, Windows and Linux
- Hands-on experience managing IP networks, Intrusion Detection Sensors (host and network), Intrusion Prevention Systems, firewalls, Host-Based Security System (HBSS) based on McAfee, and DISA's Assured Compliance Assessment Solution (ACAS) based on the Tenable vulnerability scanner highly desired
- Hands-on experience writing and executing Microsoft PowerShell
- Experience scripting in Linux Bash/command line, and Python or Perl
- Excellent oral and written communication skills
- Excellent critical thinking, analytical, and problem-solving skills
- Works well in a team environment and independently
- Excellent interpersonal and organizational skills with a customer service mindset
- Skilled working with Wireshark and Microsoft Office, specifically Word, Excel, PowerPoint, and Visio
- Secret Clearance Required at Minimum. Ability to obtain Top Secret.
- IAT Level II Certification Required - CCNA, CSA+, GICSP, GSEC, Security+ CE, SSCP
- IAT Level III Certification Desired - CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH, CISM
- Additional Certifications Desired - CAP, GSLC, ENSA, CASP CE, CSSLP, CEH, CFR, CSA+, GCIA, GCIH, GICSP, SCYBER, CISA, CISA+, GSNA, CISM, CISSP-ISSMP, GCFA, GSLC, CISSP-ISSAP, CISSP-ISSEP
Bachelor’s degree in computer science or other technical field and degree of applicability and 4 years of experience, or 8 years of experience without a degree. A CNSSI 4012-4016 Certificate or NDU CISO certificate or Military Training NEC 2780 or 2779 or 2781 can also be substituted for the educational requirement.
Ridgecrest, California. This location is within driving distance of several metropolitan areas and offers a low cost of living and pleasant small-town atmosphere.
CTL Resources is an established defense contractor with 15 years of experience delivering global engineering programs. We offer industry-leading salaries as well as world-class benefits including Medical, Dental, Vision, Life Insurance, Disability Insurance, Health Savings Plans, and 401k offerings. We offer challenging and exciting work opportunities, like NAVAIR Cyber, and have a turnover level much lower than industry averages due to our tradition of serving our employees with the highest level of support.