Security Operations SME

Core one is seeking a Security Operations SME with operations room/center experience to join our growing Technical Advisory team. The Security Operations SME will be responsible for the standup of a new SOC capability, selection and deployment of effective and robust threat analysis tool suite and workflow. This individual would be expected to actively participate in SOC solution design and implementation and see it from concept to operation. The Security Operations SME would also initially lead threat investigations and provide expert support to incident response and monitoring functions.  

Responsibilities:

• Deploying and monitoring intrusion detection systems, ingesting global security incident notifications, dispatching, and escalating in response to security alerts and notifications.
• Manage email, phone communications, generate and/or manage trouble tickets, handle incoming chats, and provide technical support to customers.
• Work with developers, IT, and other Information Security staff as needed to resolve security events and complete projects.
• Investigate and resolve anomalies and events.
• Assist with maintaining and enhancing the current security infrastructure.
• Assist with network security evaluations and enhancements.
• Perform analysis around cyber-events by conducting research; evaluating the effect and impacts generated by the event, developing, or recommending analytic approaches of solutions to problems with incomplete information.
• Identification of cyber threats through common methodology
• Coordination and communication with client and corporate technical staff to prepare assessment reports, briefing and action reports in response to identified security events, tailoring analysis, and options for the client operational environment.
• Utilize multiple analytic tools, databases, and techniques to perform signal analysis and provide documented outcomes.
• Provide feedback and drive continuous improvement of internal processes, products, and services.
• Share information to improve the efficiency and response capabilities of the SOC organization and services.
• Knowledge of web application assessments and penetration testing activities.
• Evaluate emerging and available Information Security Technologies and make recommendations to better improve security on the networks.

Minimum Requirements:

• An active TS level clearance 
• At least 3 years’ experience working in security operations room/centers
• Bachelor’s degree and/or 5+ years relevant experience in lieu of education
• 4-7 years of hands-on experience in operational using SEIM, firewall, IDS/IPS, proxy, DLP, and/or virtualization tools in support of detection, response, mitigation, and/or reporting of cyber threats affecting systems and networks
• Expertise with security event monitoring, analysis, and triage
• Strong understanding of security principles such as attack frameworks, threat landscapes, attacker TTPs, etc.
• Strong knowledge of network communications, routing protocols, regulatory standards and compliance requirements and common internet applications/standards
• Familiarity with Linux/Windows/Mac Operating systems
• Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
• Some scripting or programming experience (e.g. C, C++, C#, Python, HTML, JavaScript, .NET)

Desired Skills/Experience:

• Active TS/SCI w/ Poly clearance 
• Current Technical Security certifications (i.e. CISSP, Certified Ethical Hacker, CCNA, CISM)
• Splunk experience

About Core One 
Our mission is to be at the forefront of devising analytical, operational and technical solutions to our Nation's most complex national security challenges.  In order to achieve our mission, Core One values people first and is comprised of outstanding professionals from the national security community.  Because Core One is committed to seeking top talent, we offer competitive compensation and benefits packages. In addition, Core One is a team-oriented, dynamic and growing company that values exceptional performance.

Core One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability.