Millennium Corporation

IDS & IPS Analyst

Job Locations US-SC-Charleston
Posted Date 3 days ago (2/26/2021 4:05 PM)
Job ID 2021-1715

Overview

Millennium Corporation is hiring an IDS & IPS Analyst in Charleston, SC. Candidate must have an active Top Secret/SCI Clearance.

Responsibilities

The IDS & IPS analyst team develops, supports, tunes, and deploys signatures and policy solutions across various technologies on the project. The SeP team performs hands-on Web Application Firewall configuration, policy fine-tuning, management, and maintenance. The SeP team develops, supports, tunes, and deploys signatures for Intrusion Detection and Protection Sensors. Leverage information from partner teams to develop more robust and comprehensive signatures. Stay up to date on current malware trends and threat actor activities to ensure the security of the organization.

 

Web Application Firewall

  • Engineers, configures, deploys, and maintains F5 Web Application Firewall solutions.
  • Analyzes requests from subscriber sites for blocked web application traffic.
  • Coordinates with subscriber sites for Web Application Firewall tuning.
  • Coordinates with subscriber sites for onboarding of new Web Applications through the WAF.
  • Coordinates with other teams on deployment and maintenance of F5 WAF systems.
  • Performs technical analysis and administration tasks on Palo Alto Firewalls and F5 virtual appliances, which includes: configure, document, Web Proxy, URL filtering, DLP/Antivirus policies, Panorama, install software/firmware upgrades, system patches; provide troubleshooting, fault isolation, preventive maintenance, technical support, and problem-solving.

IDS/IPS Responsibilities

  • Engineers, configures, deploys, and maintains IDS infrastructure for subscriber sites.
  • Write and deploy custom Suricata and Snort style signatures.
  • Analyze network traffic and IDS/IPS alerts to configure Suricata/Snort style signatures.
  • Coordinate with other teams on deployment and maintenance of ID

Qualifications

  • Candidate must have an active Top Secret/SCI Clearance
  • Associate's degree or higher from accredited university/technical college in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline
  • Must have one certification from EACH of the following:
    • 8570 - CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP
    • CSSP - CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, SCYBER, Cloud+
    • OS - FEDVTE Linux Operating System
  • Extensive knowledge of Packet Analysis
  • Extensive knowledge of IDS/IPS solutions
  • Experience with log aggregation tools
  • Logical thinking and analytical capabilities
  • Strong oral and written communication skills
  • Knowledgeable in network security procedures, best practices, and implementation.
  • Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operations.
  • Experience implementing security tooling, processes, and strategies in the areas of AV endpoint protection, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Active Directory, and related technologies.
  • Experience analyzing web traffic requests.
  • Responsible for configuring and managing Palo Alto VM Firewalls within AWS and Azure cloud boundaries by utilizing the latest automation techniques.
  • Performs technical analysis and administration tasks on Palo Alto Firewalls and F5 virtual appliances, which includes: configure, document, Web Proxy, URL filtering, DLP/Antivirus policies, Panorama, install software/firmware upgrades, system patches; provide troubleshooting, fault isolation, preventive maintenance, technical support, and problem-solving.
  • Experience maintaining, deploying, and tuning Web Application Firewalls.
  • Experience exploiting web apps and web service security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, XML SOAP, and API attacks.
  • Understanding of OWASP Risks, Vulnerabilities and Mitigation mechanisms.
  • Experience analyzing network traffic with Wireshark or tcpdump.
  • Responsibilities include maintaining the intrusion ruleset, optimizing detection, configuring NGFW ACLs, general device configuration and maintenance, troubleshooting the devices when needed, assisting the analyst teams with investigations, and supporting the Solution Architects with design input and recommendations.
  • Experience writing and configuring Snort style IDS/IPS signatures.

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include, but are not limited to, participation in technical interviews, creation of technical documentation, general proposal writing support, and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

Up to 15% travel may be required.

About Us

Millennium is a strategic management, cybersecurity and systems engineering firm – driven by results and focused on people as we help our customers achieve mission success. With a proven track record of performance with the Army, Navy, OSD, DHS and other agencies, Millennium is a uniquely qualified and committed partner to the Federal Government. It is through our work that the U.S. military and government are able to identify, manage and defeat threats.
