Cyber Security Operations Specialist III – Enterprise Audit Log Aggregation
Cyber Security Operations Specialist III – Enterprise Audit Log Aggregation – St. Louis, MO
Position ID: RISA20230227-OP106
FLSA Classification: Exempt
Location: St. Louis, MO (NCW) (63118)
Anticipated Start Date: Immediate Job Opening
Required Security Clearance: Must already possess and be able to maintain an active DoD TS/SCI security clearance.
Must already have or have held SCI within the last 2 years.
Must have the ability to obtain and maintain a CI polygraph within 6 months of start date.
COVID Policy: As directed by Executive Order 14042, all current and newly hired employees are required to be fully vaccinated for COVID-19 and provide proof of vaccination, except where they are legally entitled to an exemption/accommodation.
The Cyber Security Operations Specialist III operates and manages all aspects of Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation. This role will develop and execute security policies, plans, and procedures and ensure security measures of the network.
· Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools.
· Assess data from multiple sources and navigate the cyber terrain to identify suspicious behavior.
· Obtain data for validating predictive models generated by advanced analytics.
· Augment identification and tracking of incidents.
· Create, update, and document tickets in the authorized ticketing system to initiate the incident response process for any incidents discovered during the continuous hunt; tickets shall contain sufficient information to meet the equivalent ticket created via Tier 1 and Tier 2 and shall include a level of detail sufficient to enable the Government and other contract services to systematically reconstruct the analysis and methodology and any conclusions reached.
· Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
· Proactively investigate anomalous behavior which is indicative of malicious behavior but has not yet met the event/incident threshold and/or has not been detected by automated security tools.
· Assess and validate predictive models as provided by other services to locate potential adversary intrusions and unauthorized activity.
· Other duties as assigned
· Must have DoDD 8140.01 and DoD 8570.01-M IAT Level II certification. (Note: A minimum of CompTIA Security+ CE is required.)
· CSSP Analyst certification
(Note: see below for which certifications qualify – You only require one of the certifications listed under CSSP Analyst, in addition to CompTIA Security+ CE.)
o If applicant does not already have one of the following certifications, applicant will be allowed six months from job start date to obtain the certification.
· CCNA Cyber Ops
· Bachelor’s Degree in a Technical field (i.e. Information Technology, Information Systems, Computer Science)
· 5+ years of related experience working in the cyber area
Professional Office Environment; must be able to sit at a desktop or laptop computer for extended periods of time.
· While performing the duties of this job, the employee is regularly required to sit, stand, talk, hear and use hands and fingers to operate a computer and telephone.
· Must be able to communicate regularly via telephone and verbally present information to employees, customers and outside vendors.
Work Schedule/Expected Hours of Work:
· Requires ability to work weekends and evening hours as needed
· 40 hours per week (various shifts available and will be discussed during the interview process - you will be assigned one shift and shifts are not rotated)
· The start and end times may actually vary a little from what is listed here.
Day - Shift 0600-1400
Mid - Shift 1400-2200
Eve - Shift 2200-0600
· This job description is not designed to cover or contain a comprehensive listing of activities, duties and responsibilities that are required of the employee.
· Other duties, responsibilities and activities may change or be assigned at any time with or without notice.
Travel Estimated: No travel is expected.
Limited to per diem allowed in accordance with the Joint Travel Regulations/Federal Travel Regulations (JTR/FTR) for pre-approved travel if required.
United States Citizenship is required.
RISA is an emerging technologies service provider focused on the continuity of network operations and elimination of risk to ensure the confidentiality, integrity, and availability of critical business processes and data. RISA seeks professionals who are excited by technical challenges and driven by the opportunity to use their knowledge, skills, and abilities in helping our customers meet mission requirements. Our success comes from the talent and commitment of our dedicated employees, who are driven to provide valuable services to our customers. Come along for the journey and perhaps you can be part of our growth and success. RISA offers a comprehensive benefits package that includes:
RISA is an Equal Opportunity Employer