Information Security Analyst

Reston, VA, United States

Job Description


Tuknik Government Services, a Koniag Government Services company, is seeking an experienced Information Security Analyst with a Public Trust clearance to support TGS and our government customer in Reston, VA.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Essential Functions, Responsibilities & Duties may include, but are not limited to:
The Information Security Analyst will function as part of a team, inclusive of customers, and must demonstrate sufficient written and communication skills to ensure success. The candidate must have advanced knowledge of the following areas:

  • Cybersecurity Communications/Coordination - preparing incident reports, after-action reports, and SOC Analysis reports.
  • Monitor and Analysis Support - participate in a variety of Information System Security (ISS) activities, including: monitoring of systems status; escalating and reporting potential incidents; creating and updating incident cases and tickets; analyzing and applying various antivirus, network- and host-based intrusion detection, Digital Media Analysis (DMA), and vulnerability assessment tools, techniques and procedures; authoring and implementing custom detection content; tuning the Security Information and Event Management (SIEM) and Intrusion Detection System/Intrusion Prevention System (IDS/IPS) events to minimize false positives; process improvement; data management; and coordination and reporting of ISS-related incidents.
  • Digital Media Analysis (DMA) Support - perform forensic analysis on a variety of digital media devices and mediums to identify, reverse engineer, and de-obfuscate content related to an incident, such as malicious content.
  • Vulnerability Assessment Support - examine the security architecture and vulnerabilities of systems, through security scans, examination of system configuration, review of system design documentation, and interviews.
  • Incident Assessment and Response Support - work with the DOI Cyber Incident Response Center, and/or any other pertinent parties (to include external vendors) at any DOI location to recover from any incident.
  • Tool Operation and Maintenance - provide security device signature maintenance and performance reports; maintain the SIEM to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, antivirus, vulnerability scanner elements and other security-relevant devices; enroll DOI Enterprise and systems information into the SIEM tool and perform asset categorization and prioritization; and install or modify network security elements, tools, and other systems as required.
  • SOC Change and Release Management - manage the life cycle of all SOC changes, with minimum disruption to SOC services. Oversee and manage all introductions into the production and test environments. Provide support for Change Requests (CR) and security reviews.
  • SOC Platform / Infrastructure Operations - responsible for ensuring that the SOC platform itself is available and operational. This includes the shared application and technical services, as well as the system software, middleware, information security infrastructure, networks, and data centers.
Work Experience, Knowledge, Skills & Abilities:
The candidate must have strong foundational knowledge of information security and practical experience in Security Services. Specific knowledge areas include:
  • Federal Information Security Management Act (FISMA) Compliance framework, including ongoing assessment and authorization.
  • National Institute of Science and Technology Incident Response methodology.
  • Cyber Security Incident Response Process
  • Capability to perform system level forensics with applications such as Encase.
  • Ability to operate and maintain Vulnerability Management solutions (e.g., Tenable Nessus, Imperva DB, HCL Web App Scan, Acunetix 360)
  • Ability to operate and maintain hardware asset management applications (e.g., Forescout, SolarWinds, or MDE Device Discovery).
  • Ability to operate, maintain and process data from different types of vulnerability scanners: Web Application, Database, Host-based, Network Based.
  • Ability to analyze and develop assessment reports from data produced by Scanning Tools (e.g., Imperva DB Scanner, Tenable Nessus Scanner, HCL Web App Scans, Acunetix 360).
  • Ability to monitor, analyze and report on alerts produced by Security tools (e.g., Network Intrusion Detection Systems (NIDS), Host Intrusion Detection Systems (HIDS), Data Loss Prevention Systems (DLP), Security Information and Event Management system (SIEM)).
  • Ability to monitor and analyze alerts generated on Endpoint Detection and Response (EDR) solutions (e.g., Microsoft Defender for Endpoint (MDE)).
  • Ability to monitor and process alerts generated by SIEM and SOAR (e.g., Splunk SIEM/SOAR solutions).
  • Ability to develop vulnerability assessment reports specific to the Department.
Minimum Experience:
  • Must have six (6) years of operational experience, including two (2) years of hands-on experience.
  • Must have a strong background and experience with projects involving information assurance and cybersecurity.
  • Familiarity with MS-Office automation products, including MS-Word, MS-Excel, MS-PowerPoint, and MS-Project.
  • Familiarity working with Google products including Mail, Sites, Calendar, Spreadsheet, Drive, and Document.
  • An academic degree in a closely related discipline (e.g., Computer Science, Information Security, Information Assurance, etc.) is preferred but not required.
Working Environment & Conditions
This job operates in a professional office environment and has a noise level of mostly low to moderate. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand; walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The workload may require the incumbent to sit for extended periods of time. The incumbent must be able to read, do simple math calculations and withstand moderate amounts of stress. The incumbent must occasionally lift and/or move up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.

Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender, or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352

Koniag Government Services


Job Detail

  • Job Id
    JD4257343
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Reston, VA, United States
  • Education
    Not mentioned