Job Specifications
Synergy ECP is a Service-Disabled Veteran-Owned Small Business SD(VOSB) that was formed in July 2007 with Headquarters in Columbia, MD and is made up of talented, dedicated staff to provide a broad range of services to the defense, intelligence and health care industries.
In an ultra-competitive environment, Synergy ECP has thrived by adhering to our name, making sure excellence is displayed by our Employees, to our Customers and by Improving Performance (ECP).
It’s what sets us apart, enabling us to be an autonomous yet agile business that delivers huge results - showing we’re ready to meet our customers’ evolving demands.
Synergy ECP has earned a client list that includes numerous Fortune 100 companies, in addition to multiple branches of the US government and military services.
Synergy ECP is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected class.
Clearance Required: TS/SCI
Other Requirements: U.S. Citizenship
Description
Discover and characterize network and platform anomalies to include cross domain violations and submit findings to the Reporting Team Lead for analysis and report generation
Monitor, identify and analyze anomalous network activities on various networks
Conduct multi-source threat analyses to examine host behaviors and network traffic for high priority malicious attacks, anomalous traffic, or other incidents of interest, as well as generate reports as appropriate
Integrate Cyber Threat Intelligence to inform customer on newly discovered threats and vulnerabilities associated with the technologies used in the enterprise for the purpose of developing hunt analytics. Any shareable vulnerability information will be made available for traditional tipping and alerting to the broader customer base
Monitor adversarial capabilities, exploits, vulnerabilities, mitigation techniques, and best practices information and guidance through all-source research
Identify areas for deeper dive analysis of threat and vulnerabilities
Examine network topologies to understand data flows through networks and provide mechanisms to tip countermeasures
Employ analysis and tools to discover new threat actors
Implement the applicable reporting guidelines outlined in applicable directives and guidance
Conduct research/planning for strategy development in response to real-time operational requirements
Identify and document gaps in all data (e.g., netflow, syslog, etc.) that affect the customer mission in order to determine how to better posture mission capabilities
Develop, document and synchronize the recommendations and the tasking of signature and rule sets across ail sensors e.g., IDS, FW, etc. used by the customer
Knowledge of systems configuration and management of firewalls, IDS, servers and workstations
Experience with Red Team and/or Penetration Testing
Knowledge of incident categories, incident responses, and timelines for responses
Experience collecting data and reporting results; handling and escalating security issues or emergency situations appropriately; providing incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data
Demonstrated experience supporting external investigations
Familiarity with software development and network operations concepts and methodologies
Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCase and open source alternatives
Experience with the Windows and Linux operating systems
Experience with investigating malicious code
Experience with scripting (PowerShell, Python, Java)
Desired Skills
Tier III Analyst experience, Network Analytics, Incident Investigations, Reverse Engineering and Malware Analysis, Task Prioritization
Strong comfort level with IPv4, TCP/IP, and RFC data, low level networking and protocols, TCP/UDP Ports for Apps, and understanding of what is normal/abnormal endpoint and on-wire activity
Experience in Cloud Environment using cloud analytics and PIG scripts/jobs to present data and using the Hadoop Distributed File System
Use of SIEMs or scripting to pull data into usable formats. Notification sources are Antivirus, HIDS, NIDS, IPS, and Firewalls
Experience with Wireless and SCADA are a plus
Ability to work extremely well under pressure while maintaining a professional image and approach
Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause
About the Company
Welcome to Synergy ECP, the most trusted partner in navigating the complex landscape of cybersecurity and digital transformation. With nearly two decades of dedicated service, we specialize in Cybersecurity, Engineering, Mission IT, and Special Programs Support, delivering mission-critical solutions to defense and intelligence agencies. Our team is counted on to address the most challenging national security issues with precision, leveraging our deep expertise and innovative technologies. Synergy ECP embraces the strategy an...
Know more