Vacancy expired!
Bring your Cyber Threat Hunting experience and take advantage of this opportunity to discover how you can start to push past possible and achieve your goals today. As a Cybersecurity Analyst you will be responsible for coordinating and contributing to the Elastic training program that informs, educates, and executes on the implementation of Elastic with our clients. This position will partner with the other training professionals, stakeholders and other teams to provide instruction on the Elastic platform. This assignment also includes curriculum and program development and delivery, participation in department meetings, collaboration across disciplines, providing student support resources, and participation in ongoing professional development.
Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate. This role is full-time remote with an option of 25-50% travel (when travel resumes). As an experienced SME, you will work closely with leaders and stakeholders to expertly translate training concepts in Elasticsearch, Logstash, and Kibana.
You will be asked to participate in a series of interviews demonstrating your knowledge, skills, and abilities about the Elastic platform. You will be asked to participate in a panel interview and provide a small instructional overview as part of the hiring process. Your candidacy will be contingent upon successfully completing the panel interview.
Candidates will benefit from our partner training incentive to pursue Elastic certifications as a part of their candidacy and can be reimbursed for certification costs upon successfully onboarding onto the program.
This is an opportunity to contribute to an important effort from its beginning, work with the latest and emerging technologies all while building a great career at ICF!
RESPONSIBILITIES
You’ll be a great fit if you have:
Familiarity supporting federal Information Assurance Programs setting policy, governance, security operations programs, and NIST requirements.
Experience teaching in-person or remote advanced cybersecurity curriculum to federal and commercial clients.
Contributing to instructional delivery, time management skills and attention to detail
Strong presentation skills and ability to facilitate and gain consensus among stakeholders and clients with disparate views.
Technical hands-on experience in threat hunting and security operations center support.
Experience developing cybersecurity reports, dashboards, and scripts.
Experience using automation and scripting to deploy and monitor systems.
Research new and novel tactics, techniques, and procedures (TTP) to protect data and privacy.
Perform in-depth analysis and/or security testing of information systems, using a wide variety of tools and techniques.
Review operational results for accuracy, probability, and impact.
Ability to comprehend and explain complex concepts and initiatives to audiences that have various levels of understanding.
Training consists primarily of a 5-day security course:
Each module is a single day and delivered with the goal of teaching methodology and how to use Elastic/Kibana to threat hunt.
Module 1 Zeek
Module 2 Suricata
Module 3 Pcap/Stenographer
Module 4 Kibana
Module 5 Capstone/Threat hunting
BASIC QUALIFICATIONS
The following skills/experience/knowledge are required to be considered for this role:
Position is full-time remote with an option of 25-50% travel (if/when travel resumes)
5-10 years cyber threat hunting experience
Delivering complex cybersecurity instruction and network security concepts
Minimum of 5 years of advanced experience in network security or a network security certification.
In-depth experience with Elastic products and/or providing instruction
Advanced knowledge of cyber threats and tactics, techniques, and procedures (TTPs).
Experience in managing identity access management processes.
Experience configuring and supporting system scanning applications (DB Protect, Guardium, Tenable, etc.) to support a range of target systems (Linux, Unix, Windows, Mainframes, Oracle, SQL Server, etc.)
Experience using data analysis to drive system and configuration enhancement for scanning and security applications
Experience in day-to-day operation of an IT Security Group including incident forensics, risk analysis, threat assessment and mitigation activities.
May lead training teams and/or projects coordinating work activities, reporting on work status and providing input on team performance.
Manages host-based security software across multiple systems to protect data and system resources.
Experience in reviewing threats and counter-measures, monitors incidents and maintains general awareness of threats to IT resources.
Applies extensive technical expertise in principal discipline and broad knowledge in related security disciplines in revising or developing new methods and procedures.
Has demonstrated superior leadership ability to lead, inspire, and direct a team of engineers.
Experience in managing access management processes to grant and remove user access to IT systems.
Collect and analyze data, make recommendations to improve our approach and the results of future communications, events, and activities.
PREFERRED QUALIFICATIONS
Active High Level DOD clearance preferred but not required
Deep understanding of Elasticsearch and/or Lucene
Elastic Certified Analyst certification
Certified at IAT – Level 1 or above
Certification as a CCNP or CCIE in Security (bonus)
MS in Computer Science, Information Technology, Engineering, or Business discipline
Experience contributing to an open-source project or documentation
Experience in delivering instruction for enterprise search or databases
PROFESSIONAL SKILLS/EXPERIENCE
Provide leadership, management and coaching to a team of driven communicators.
The candidate must have client service experience, strong communication skills (both oral and written), and presentation skills.
Has demonstrated superior leadership ability to lead, inspire, and direct a team of instructors and/or engineers.
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.
We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy (https://www.icf.com/legal/equal-employment-opportunity).
COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email [email protected] and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Read more about non-discrimination: EEO is the law (https://www.eeoc.gov/sites/default/files/migratedfiles/employers/posterscreenreaderoptimized.pdf) and Pay Transparency Statement (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transpEnglishunformattedESQA508c.pdf).
Virginia Remote Office (VA99)