Enterprise Insider Security Monitoring ECND010
See a complete list of our open positions
Apply at the Bottom of the Page
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
Some of the positions are future positions. Please look at the opening line of the job description to determine if this is an open or future position.
Our positions are not remote unless stated in the job description below.
We are looking to fill this position at the following location(s):
- Washington, DC
Job Description
Enterprise Insider Security Monitoring:
Level 4:
Skills and Tasks. Exceptionally Complex, Inter-Discipline, Inter-Organizational: Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks.
Leadership/Management: May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues.
Guidance: Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion.
STANDARD CHARACTERISTICS:
Identify and manage network and system vulnerabilities and security events
Receive, acknowledge, disseminate, track, report (daily/weekly, and update vulnerability management (VM) alerts, vulnerability assessments, red/blue team events, security incidents, and the VM common operating picture (VM COP)
Provide inspection services across the enterprise on behalf of the organization’s Special Enclave (SE) program manager
Support or perform global DoD inspections of GENSER and SE (e.g., JWICS) services to ensure compliance to DoDI 8530 standards.
Job Responsibilities:
The Security Monitoring Cyber Auditor is part of a Team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. This requires the ability to review event logs, follow checklists, knowledge of normal and malicious user attributable activity, and to prepare case evidence. Being able to gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information is highly desirable.
Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations.
Identify acceptable use policy infractions.
Ability review event logs to determine events of interest
Perform forensic analysis of digital information and gathers and handles evidence.
Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity
Leakage (PII).
Prepare case evidence and incident reports.
Work on special projects as assigned.
Desired Skills:
Experience with Splunk, Proofpoint, Fidelis, Solera, Windows and Linux Operating Systems
The position and hours are based on a 24x7x365 shift schedule and monitoring requirement.
This position is for a night position and requires working weekend nights. (Or Swing shift in Hawaii) **
Education and Experience:
HS/GED + 12 years
Associates Degree + 10 years
Bachelor’s Degree + 8 years
Master’s Degree + 6 years
PhD + 4 years
Certifications:
IAT Level 2
Security Clearance:
TS SCI CI poly