Intrusion Analysts

Tier1 (junior) IDS analysts

Arlington, VA

  • Fundamental knowledge, understanding and hands-on experience using the Linux Operating System. Experience using Red Hat is a plus.
  • Fundamental knowledge and understanding of TCP/IP, routing and switching. Hands-on experience using tcpdump or Wireshark is a plus.
  • Hands-on experience performing traffic analysis, intrusion analysis and detection. Possess the ability to recognize publicly known attack traffic patterns.
  • Hands-on experience with any of the IDS tools we use in-house is a plus. (Wireshark, tcpdump, pdf-parser, swfdump, Office Malware Scanner, etc.)
  • Fundamental knowledge and understanding of Security Information Management (SIM) solutions. Hands-on experience using ArcSight is a plus.
  • Must be 8570 compliant on the hire date at the IAT II or IAT III (Security+, CISSP, etc.) and CND analyst (CEH or GCIA) levels

Tier2 (intermediate) IDS analysts

Arlington, VA

For Tier2, the knowledge and experience requirements for the above skillsets increase. Tier2 requires at the very minimum three years of direct experience if the candidate is extremely sharp and motivated, but more typically four to five years of direct experience. The range of skillsets also increases for Tier2.

In addition to the prerequisites required for Tier1, the following are the minimum skillsets required for Tier2 (intermediate):

  • Ability to tune IDS/IPS systems
  • Ability to create and modify IDS/IPS signatures
  • Ability to define SIM content
  • Ability to install/configure/administer Unix/Linux boxes
  • Possess a basic understanding of scripting languages (perl, python, java, etc.)
  • Must be 8570 compliant on the hire date at the IAT II or IAT III (Security+, CISSP, etc.) and CND analyst (CEH or GCIA) levels

Tier3 Intrusion IDS Analyst (senior)

Arlington, VA

Tier3 requires a minimum of seven years of direct experience. The range of skillsets also increases for Tier3. In addition to the above for Tier1 and Tier2, the following are the minimum skillsets required for Tier3 (senior):

  • Ability to recognize "known" and suspicious attack traffic patterns
  • Ability to determine/recommend new detection/prevention methods/capabilities
  • Ability to write/modify SIM correlation rules
  • Ability to tune IDS/IPS systems
  • Ability to create/modify IDS/IPS signatures
  • Demonstrated understanding and in-depth knowledge of regular expressions
  • Demonstrated understanding and in-depth knowledge of scripting languages (perl, python, javascript, etc.)
  • Must be 8570 compliant on the hire date at the IAT II or IAT III (Security+, CISSP, etc.) and CND analyst (CEH or GCIA) levels

Security Engineers

Security Engineer 1

Arlington, VA

Will support security engineering and operations and maintenance tasks for all phases of IDS/IPS, Security Information Management and Web Content Filtering architecture design, installation, implementation, administration and maintenance. Tasks and required capabilities include:

  • All Operating System installations, hardening, administration, upgrades and patching
  • COTS and open-source IDS/IPS, Content Filtering and SIM installations, administration, upgrades and patching
  • Documenting processes and procedures of all infrastructure operations
  • Ensuring IDS/IPS uptime and availability
  • Ensuring the integrity of the IDS/IPS systems
  • IDS/IPS performance baselining and measurement
  • Network security architecture planning and design
  • Perform troubleshooting of network problems (latency, outages, etc.) as they relate to IDS-owned devices
  • Provide training on all of the systems to the tier analysts
  • Define SIM content
  • Determine/Recommend New Detection/Prevention Methods/Capabilities
  • Install/Configure/Administer Unix/Linux boxes
  • Recognize known and possibly suspicious attack traffic patterns
  • Write/modify IDS/IPS signatures
  • Demonstrated understanding of regular expressions
  • Demonstrated understanding of scripting languages (perl, python, JavaScript, etc.)

Security Engineer 2

Arlington, VA

Provide security development/research support for all phases of IDS/IPS, Security Information Management and Web Content Filtering development. Tasks and required capabilities include:

In addition to the prerequisites required for tier 1, the following are minimum skillsets required for Tier2 (intermediate):

  • IDS/IPS Signature Analysis, Development and Testing
  • SIM content Analysis, Development and Testing
  • Web Content Filtering Analysis, Development and Testing
  • Develop software solutions to automate aspects of IDS daily operations that commercial vendors are unable to address
  • Overt/Covert Intelligence Gathering
  • Testing of existing and new technologies in the ITA Lab
  • Tune IDS/IPS Systems
  • Demonstrated advanced understanding and in-depth knowledge of regular expressions
  • Demonstrated advanced understanding and in-depth knowledge of scripting languages (perl, python, JavaScript, etc.)
