CSSP Analyst. Proactively hunt for threats; monitor, identify, manage, track and analyze security events; and tune alerts in SIEM platforms (QRadar, ArcSight) used for event tracking and correlation, to protect the integrity and confidentiality of network data. Monitor and track the Wireless Intrusion Detection System (WIDS) for wireless incidents. Identify potential incidents and report them per standardized processes and procedures. Create and remediate incident tickets. Assist with incident response by performing incident containment and developing remedial action recommendations. Conduct security systems testing. Compile and maintain internal standard operating procedure (SOP) documentation in accordance with current CJCSM policies and direction. Possess an understanding of IDS/IPS solutions, including signature development and implementation. Manage and utilize a variety of CND tools.
Cisco Sourcefire (IDS) - Cisco ASA firewalls - TippingPoint (IPS) - Joint Regional Security Stack (JRSS) - ArcSight - Blue Coat Web Proxy - Windows Event Logs - PowerShell