Sr. Security Analyst

Job Location: Sterling - USA

Monthly Salary: Not Disclosed

Vacancy: 1 Vacancy

Job Description

Knowledge Management Inc. (KMI) has the leadership and experience to deliver innovative technology, logistics, and management solutions to meet real mission requirements. KMI is a Minority Business Enterprise (MBE) and Small Disadvantaged Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectiveness, and map technology needs for tomorrow's requirements.

Title: Sr. Security Analyst

Location: Sterling, VA (3 days onsite/2 days remote)

1st shift: 7:00 AM ET - 3:30 PM ET, Wednesday - Sunday.

Position: One

Duration: Ongoing contract

Start date: ASAP

Security Clearance: Minimum of a DOD Secret clearance

Salary: Please provide your salary requirement

Education/Experience: High school diploma (or equivalent) and 9 years of experience; Associate degree and 7 years of experience; Bachelor's degree and 5 years of experience.

Knowledge Management Inc. is seeking a Senior Security Analyst to join our team of qualified and diverse individuals on our Department of State (DOS) Bureau of Diplomatic Technology (DT) Consular Affairs Enterprise Infrastructure Operations (CAEIO) program. CAEIO provides IT Operations and Maintenance to modernize the legacy networks, applications, and databases supporting consular applications and services globally.

The Analyst will be a member of CAEIO's Security Operations team, responsible for performing Information Assurance (IA) and compliance support services to maintain CA production systems and improve cyber hygiene and security across various applications, platforms, and operating systems.

Responsibilities

  • Utilize SIEM and EDR tools to monitor activity targeting customers' networks, systems, and applications.
  • Lead efforts to triage suspicious and malicious activity targeting the customer. Upon identifying unauthorized activity, collaborate with internal and external teams to respond to threats.
  • Support after-action activities to strengthen the customer's security posture.
  • Develop and update processes, procedures, and documentation, including SOPs, to enhance incident handling, identify process improvements, and support team training.
  • Interface with multiple levels of management, providing information in technical areas.
  • Characterize and analyze network traffic to detect anomalous activity and potential threats to network resources.
  • Notify designated managers, cyber incident responders, and cyber security service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
  • Analyze log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.
  • Conduct advanced searching in response to alert and event triage.
  • Perform real-time cyber defense incident handling tasks.
  • Coordinate with internal and external teams on information gathering and response actions for identified incidents.
  • Track incident resolution actions and ensure notifications are provided to the required points of contact.
  • Communicate with customers and teammates clearly and concisely.

Work Location: Must be local to the Washington, DC area. This position is currently hybrid, with remote work and up to two days per week in the office in Sterling, VA.

Required Qualifications

  • U.S. citizenship and an active Secret clearance with the ability to obtain a Top-Secret clearance.
  • 5 years of related systems security analysis experience, primarily in a government environment dealing with business-critical, high-availability systems.
  • Experience using SIEM and EDR platforms for security monitoring.
  • Understanding of system, network, and application security threats and vulnerabilities, with the ability to establish monitoring solutions.
  • Ability to identify different tactics and techniques of attacks.
  • Strong log analysis skills.
  • Understanding of TCP/IP and UDP protocols, network ports/protocols, and traffic flow.
  • Strong knowledge of data analysis.
  • 5 years SOC or related cybersecurity analysis experience.
  • Experience utilizing Splunk to conduct incident investigations.
  • Experience conducting incident analysis and triage to identify true incidents.
  • Ability to multitask and prioritize tasks to meet periodically changing deadlines.
  • Self-starting and able to drive projects to completion in a fast-paced environment.
  • Strong written and verbal communication skills. Able to create, discuss, and explain technical documentation.
  • Security+ CE or other 8570 IAT Level II certification (required).

Preferred Qualifications

  • Ability to examine issues both strategically and analytically.
  • Knowledge of networking essentials, components, data flows, protocols, and authorization boundaries.
  • Knowledge of cybersecurity frameworks and standards:
    • Cyber Incident Response Team (CIRT) or Security Operation Center (SOC) team experience
    • Knowledge of attack techniques and current threats
    • Knowledge of current IT security best practices
    • Mixed operating systems experience (Linux, Windows)
  • Understanding of web applications.

Education and Experience: High school diploma (or equivalent) and 9 years of experience; Associate degree and 7 years of experience; Bachelor's degree and 5 years of experience.

Equal Employment Opportunity Statement. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

E-Verify Statement. Knowledge Management Inc. participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, KMI is required to give you written instructions and an opportunity to contact the Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9.

Pay Transparency Non-Discrimination Provision. Knowledge Management Inc. will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Disability Statement. If you have a disability and need reasonable accommodation or assistance at any point in the application or onboarding process please email us at .


Required Experience: Senior IC

Employment Type: Full-Time
