Network and Signature Analyst

    • Charleston, SC

Overview

AbleVets, A Cerner Company, provides healthcare information technology services and resources to help the VA and DoD improve the lives of the people they serve. AbleVets has an opportunity for an experienced, motivated Network and Signature Analyst to support information technology projects for our customers. The position will be based on site at our customer’s facility in Charleston, SC.

Responsibilities

The Network and Signature Analyst develops, supports, tunes, and deploys signatures and policy for intrusion detection and protection sensors as well as other various technologies.  The ideal candidate performs hands-on Web Application Firewall configuration, policy fine-tuning and maintenance. The successful candidate stays up-to-date on current malware trends, and threat actor activities, to ensure the security of the organization.  Roles and responsibilities include, but are not limited to:

  • Engineer, configure, deploy, and maintais F5 Web Application Firewall solutions
  • Analyzes requests from subscriber sites for blocked web application traffic
  • Coordinate with subscriber sites for Web Application Firewall tuning
  • Coordinate with subscriber sites for onboarding of new Web Applications through the WAF
  • Coordinate with other teams on deployment and maintenance of F5 WAF systems
  • Engineer, configure, deploy, and maintain IDS infrastructure for subscriber sites
  • Write and deploy custom Suricata and Snort style signatures
  • Analyze network traffic and IDS/IPS alerts to configure Suricata/Snort style signatures
  • Coordinate with other teams on deployment and maintenance of IDS systems
  • Leverage information from partner teams to develop more robust, and comprehensive, signatures

Qualifications

  • Bachelor's degree and zero (0) years of experience required. An additional three (3) years of relevant experience may be substituted for degree requirement.
  • Top Secret government clearance required
  • Must be able to obtain or ore more of the following certifications within 90 days of employment:
    • DoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)
    • 8570 Classification IAT –II
    • CSSP Analyst
  • Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operations
  • Experience analyzing web traffic requests
  • Experience maintaining, deploying, tuning Web Application Firewalls
  • Experience exploiting web apps and web service security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, XML SOAP, and API attacks
  • Understanding of OWASP Risks, Vulnerabilities and Mitigation mechanisms.
  • Experience analyzing network traffic with Wireshark or tcpdump
  • Experience writing and configuring Snort style IDS/IPS signatures
  • Ability to work over-time as required to support surge incident response actions
  • Occasional travel required, up to 10%
Preferred/Desired Skills:
  • Practical knowledge in at least one scripting or development language (e.g. PowerShell or Python)
  • Ability to convey extremely technical concepts to audiences with varying technical understanding
  • The ability to solve problems independently or with minimal assistance

EEO Statement

AbleVets LLC appreciates your interest in our company as a place of employment. We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class. AbleVets is a VEVRAA Federal Contractor.


Back to top