Sr. Security Engineer and Forensic Analyst - (Promontory) in Logan, Utah For Sale

With projected annual revenues of $4.5 billion, more than 12,000 employees, and operations in 17 states across the US and in several international locations, Orbital ATK is a global leader in aerospace and defense technologies. Our mission is to ensure that our customers accomplish their mission - whether it's a technological breakthrough, a satellite launch or protecting our nation. Headquartered in Dulles, Virginia, we design, build and deliver space, defense and aviation systems for customers around the world, both as a prime contractor and merchant supplier. Our main products include launch vehicles and related propulsion systems; missile products, subsystems and defense electronics; precision weapons, armament systems and ammunition; satellites and associated space components and services; and advanced aerospace structures. United in pride and shared goals, Orbital ATK employees come from diverse backgrounds and work together to deliver reliable, innovative and affordable solutions. Work with the best and unleash your potential. If you are a dynamic, successful, driven professional, Orbital ATK is the company that will further your experience and career growth. We offer a highly competitive salary and comprehensive benefits, including medical, dental, 401(k), tuition reimbursement and much more. Orbital ATK is currently seeking an experienced Sr. Security Engineer and Forensic Analyst to join our Cyber Security team in our Utah, Minnesota, Maryland, or Arizona offices. Role description & Responsibilities: The Sr. Security Engineer and Forensics Analyst is responsible for defining, delivering and administering cyber security toolsets centered around SIEM and network behavior analysis. Join our Incident Response Team to deliver solutions, use cases and monitoring of malicious activities. Interface with Managed Security Service Provider to ensure appropriate monitoring and service levels around the SIEM solution. Isolate and identify areas of improvement for Cyber Security products and services. Provide expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks that support the Incident Response Team. Key Responsibilities: * Manage the full life-cycle for SIEM, Network Behavior Analysis, System Forensics and other security platforms to include the daily administration, planning of upgrades, new deployments, and maintaining operational data flows * Provide security architecture & systems engineering consulting to Incident Response Analysts and other IS staff * Maintain security by monitoring and ensuring coverage, effectiveness, compliance to standards, policies, and procedures; assisting in conducting incident response analyses; developing and conducting training programs. * Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities. Tuning SIEM for performance and event data quality to maximize system efficiency. * Research and maintain a deep understanding of current and emerging technologies and Cyber Security solutions * Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements. * Prepare system security reports by collecting, analyzing, and summarizing trends * Assist with the acquisition, vetting, and validation of cyber threat intelligence from various internal/external sources, and integrating them within security platforms * Supporting the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses. * Conduct ongoing and regular Cyber Security capability assessments and reviews including people, process and technologies; ensuring that all security capabilities and tools are operating effectively * Ensure security capabilities are reviewed and compliant within defined risk levels while considering hardware/software currency, performance/availability, security and information * Identify and document any risks, issues or critical success factors that may require immediate action * Define, implement, and communicate metrics driven scorecards to measure the effectiveness of Cyber Security Operations * Ensure that all Cyber Security related capabilities and solutions are operating effectively * Participate in the Computer Security Incident Response process * Responsible for identifying continuous security capability improvements that will help protect our computing environments * Capture / analyze network traffic for indications of compromise * Identify and collect actionable intelligence regarding ongoing information security threats * Review log-based data, both in raw form and utilizing SIEM or aggregation tools * Employ best practices and forensically sound principals such as evidence handling and chain of custody * Establish timelines and patterns of activity based on multiple data sources * Manage effective liaison relationships with other IS groups, vendors, and others * Serve as a mentor and team leader Experience Requirements: * Bachelor's degree in related business or technical areas, or an equivalency of education and work experience. * Candidates must be a US Citizen and have the ability to obtain a US government security clearance * Minimum of 8-10 years of Cyber Security and/or security engineering experience * 3+ years security engineering / administration experience * 2+ years SIEM experience desired * Technical skills proficiency in the following areas: security information event management, network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information collection * Self-starter with the ability to proactively engage and develop relationships with subject matter experts and analyst counterparts * Recent experience (last 3 years) performing NETFLOW or PCAP analysis using common analysis tools (Wireshark, etc) * Ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Proven project management experience, including developing project plans, schedules and budgets for moderate scale projects * Experience with compliance requirements from DOD, NASA, NIST, SANS, OWASP desired. * Travel requirement of up to 15% Skills & Knowledge Qualifications: * Expert level experience in SIEM administration (ie ArcSight, QRadar or EnVision) * Experience applying Kill Chain analysis, Cyber Intelligence * Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA * Skilled level of knowledge of common attack vectors and penetration techniques * Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS, encryption, and protocols * Advanced Data Visualization proficiency leveraging COTS tools * Skilled level of knowledge about malware analysis (reverse engineering) * Skilled level of knowledge to research, compile, and report actionable intelligence threats * Excellent oral and written communication and presentation skills * Perform project leadership tasks on select security projects * Excellent teamwork skills and the ability to successfully interface with other IT Groups * Demonstrated advance skills in conducting forensic analysis of digital evidence, network traffic, managing event analysis/correlation and related incident investigations * Process control design and testing methods * Metrics development and reporting * System configuration and architecture * Proven ability to manage information security service and operation through effective management of resources * Demonstrated strong working knowledge of various information technologies and industry best practices * Demonstrated ability to take initiative and accountability for achieving results * Strong interpersonal, oral, and written communication skills Orbital ATK is applying entrepreneurial thinking and commercial practices to deliver reliable, innovative and affordable products and services to our customers and grow our core areas while harnessing new technologies that will take our products - and your ideas - into the future. When encouraged to think beyond the ordinary, you'll be amazed at what you can do! We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status, or any other characteristic protected by law. Equal Opportunity Employer M/F/V/D Are you a Veteran? Visit our Jobs for Veterans page to find jobs that match your military background. See Description
Source: http://www.juju.com/jad/xxxxxxxxvwgzol?partnerid=af0exxxx314cbc501beebacaxxxx739d&exported=True&channel=staticfile&hosted_timestamp=xxxxa345f27ac5dcxxxx226fxxxxa6ffbf2ae9dxxxxxxxx4d703dbb17c906ce5