• Review audit data and network traffic data for irregularities or other indications of real or potential security violations
• Correlate and analyze security data and events from alert and traffic flow systems
• Identify potential advanced persistent and coordinated threats across multiple platforms
• Perform tuning and optimization tasks, including sensor rule review and log aggregation/visibility
• Perform reviews of implemented cybersecurity defense IDS/IPS rules, exceptions, and log availability and content
• Perform reviews of aggregated log data to identify missing required sources, ensuring log data format is IAW logging standards
• Develop/enhance existing intrusion detection analytics, dashboards, and signatures to remain commensurate with evolving cyber threats
• Investigate all security-related events and incidents involving assigned information systems
• Report identified security incidents through the approved reporting process
• Review and share significant activity reports and tippers
• Perform incident response based on identified security events
• Develop and deploy countermeasures in response to cybersecurity incidents IAW the Incident Response Plan
• Analyze and identify root cause and lessons learned from security incidents; document formal after-action reports (AAR)
• Provide recommendations related to tactical response actions, such as updating signatures and heuristics
• Develop and maintain security analysis scripts and analytic displays

Preferred knowledge and experience with the following:
• NIST and DoD security policies
• Securing virtualization/cloud infrastructure concepts, technologies and services
• Microsoft server and workstation, Unix, and Red Hat Enterprise Linux OS security configurations
• Basic forensic requirements and processes

Required:
• One or more approved DoD 8570 baseline certifications for IAT II and CSSP Analyst
• 3+ years of cybersecurity experience